119843Sdist/* 236515Sbostic * Copyright (c) 1980, 1987, 1988 The Regents of the University of California. 336515Sbostic * All rights reserved. 436515Sbostic * 536515Sbostic * Redistribution and use in source and binary forms are permitted 636515Sbostic * provided that the above copyright notice and this paragraph are 736515Sbostic * duplicated in all such forms and that any documentation, 836515Sbostic * advertising materials, and other materials related to such 936515Sbostic * distribution and use acknowledge that the software was developed 1036515Sbostic * by the University of California, Berkeley. The name of the 1136515Sbostic * University may not be used to endorse or promote products derived 1236515Sbostic * from this software without specific prior written permission. 1336515Sbostic * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 1436515Sbostic * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 1536515Sbostic * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 1619843Sdist */ 1719843Sdist 1812678Ssam#ifndef lint 1919843Sdistchar copyright[] = 2036515Sbostic"@(#) Copyright (c) 1980, 1987, 1988 The Regents of the University of California.\n\ 2119843Sdist All rights reserved.\n"; 2236515Sbostic#endif /* not lint */ 2312678Ssam 2419843Sdist#ifndef lint 2536608Skfallstatic char sccsid[] = "@(#)login.c 5.29 (Berkeley) 1/20/89"; 2636515Sbostic#endif /* not lint */ 2719843Sdist 281043Sbill/* 291043Sbill * login [ name ] 3031695Skarels * login -h hostname (for telnetd, etc.) 3131695Skarels * login -f name (for pre-authenticated login: datakit, xterm, etc.) 321043Sbill */ 331043Sbill 3412984Ssam#include <sys/param.h> 3512687Ssam#include <sys/quota.h> 3612687Ssam#include <sys/stat.h> 3712687Ssam#include <sys/time.h> 3812687Ssam#include <sys/resource.h> 3916453Sroot#include <sys/file.h> 4036460Sbostic#include <sys/ioctl.h> 4112687Ssam 421043Sbill#include <utmp.h> 431043Sbill#include <signal.h> 441043Sbill#include <lastlog.h> 4512678Ssam#include <errno.h> 4616453Sroot#include <ttyent.h> 4716453Sroot#include <syslog.h> 4826862Smckusick#include <grp.h> 4936460Sbostic#include <pwd.h> 5036515Sbostic#include <setjmp.h> 5136460Sbostic#include <stdio.h> 5236460Sbostic#include <strings.h> 531043Sbill 5436608Skfall#ifdef KERBEROS 5536608Skfall#include <kerberos/krb.h> 5636608Skfall#include <sys/termios.h> 5736608Skfallchar inst[INST_SZ]; 5836608Skfallchar realm[REALM_SZ]; 5936608Skfallint kerror = KSUCCESS, notickets = 1; 6036608Skfall#define LIFE 96 /* ticket lifetime in 5-min units */ 6136608Skfall#endif 6236608Skfall 6336460Sbostic#define TTYGRPNAME "tty" /* name of group to own ttys */ 6426862Smckusick 6536460Sbostic#define MOTDFILE "/etc/motd" 6636460Sbostic#define MAILDIR "/usr/spool/mail" 6736460Sbostic#define NOLOGIN "/etc/nologin" 6836460Sbostic#define HUSHLOGIN ".hushlogin" 6936460Sbostic#define LASTLOG "/usr/adm/lastlog" 7036460Sbostic#define BSHELL "/bin/sh" 712822Swnj 7212687Ssam/* 7336460Sbostic * This bounds the time given to login. Not a define so it can 7436460Sbostic * be patched on machines where it's too small. 7512687Ssam */ 7631509Sbosticint timeout = 300; 776005Swnj 78*36647Skarelsstruct passwd *pwd; 79*36647Skarelsint failures; 80*36647Skarelschar term[64], *hostname, *username, *tty; 816005Swnj 82*36647Skarelsstruct sgttyb sgttyb; 83*36647Skarelsstruct tchars tc = { 8413074Ssam CINTR, CQUIT, CSTART, CSTOP, CEOT, CBRK 851365Sbill}; 86*36647Skarelsstruct ltchars ltc = { 8713074Ssam CSUSP, CDSUSP, CRPRNT, CFLUSH, CWERASE, CLNEXT 8813074Ssam}; 891365Sbill 901043Sbillmain(argc, argv) 9136460Sbostic int argc; 9236460Sbostic char **argv; 931043Sbill{ 9436460Sbostic extern int errno, optind; 9536460Sbostic extern char *optarg, **environ; 9636460Sbostic struct group *gr; 9736460Sbostic register int ch; 98*36647Skarels register char *p; 9936549Sbostic int ask, fflag, hflag, pflag, cnt; 10036460Sbostic int quietlog, passwd_req, ioctlval, timedout(); 101*36647Skarels char *domain, *salt, *envinit[1], *ttyn, *pp; 10236460Sbostic char tbuf[MAXPATHLEN + 2]; 10336460Sbostic char *ttyname(), *stypeof(), *crypt(), *getpass(); 10436460Sbostic time_t time(); 10536460Sbostic off_t lseek(); 1061043Sbill 10736460Sbostic (void)signal(SIGALRM, timedout); 10836460Sbostic (void)alarm((u_int)timeout); 10936460Sbostic (void)signal(SIGQUIT, SIG_IGN); 11036460Sbostic (void)signal(SIGINT, SIG_IGN); 11136460Sbostic (void)setpriority(PRIO_PROCESS, 0, 0); 11236460Sbostic (void)quota(Q_SETUID, 0, 0, 0); 11336460Sbostic 11412687Ssam /* 11518549Ssam * -p is used by getty to tell login not to destroy the environment 11631695Skarels * -f is used to skip a second login authentication 11736523Skarels * -h is used by other servers to pass the name of the remote 11836523Skarels * host to login so that it may be placed in utmp and wtmp 11912687Ssam */ 12036460Sbostic (void)gethostname(tbuf, sizeof(tbuf)); 12136460Sbostic domain = index(tbuf, '.'); 12236460Sbostic 12336523Skarels fflag = hflag = pflag = 0; 12436460Sbostic passwd_req = 1; 12536523Skarels while ((ch = getopt(argc, argv, "fh:p")) != EOF) 12636515Sbostic switch (ch) { 12736460Sbostic case 'f': 12836460Sbostic fflag = 1; 12936460Sbostic break; 13036460Sbostic case 'h': 13136460Sbostic if (getuid()) { 13236460Sbostic fprintf(stderr, 13336460Sbostic "login: -h for super-user only.\n"); 13432313Sbostic exit(1); 13531695Skarels } 13636460Sbostic hflag = 1; 13736460Sbostic if (domain && (p = index(optarg, '.')) && 13836553Sbostic strcasecmp(p, domain) == 0) 13936460Sbostic *p = 0; 14036460Sbostic hostname = optarg; 14136460Sbostic break; 14236460Sbostic case 'p': 14318549Ssam pflag = 1; 14436460Sbostic break; 14536460Sbostic case '?': 14636460Sbostic default: 14736515Sbostic fprintf(stderr, "usage: login [-fp] [username]\n"); 14836460Sbostic exit(1); 14918549Ssam } 15036460Sbostic argc -= optind; 15136460Sbostic argv += optind; 15236549Sbostic if (*argv) { 153*36647Skarels username = *argv; 15436549Sbostic ask = 0; 155*36647Skarels } else 15636549Sbostic ask = 1; 15736460Sbostic 15836460Sbostic ioctlval = 0; 15936460Sbostic (void)ioctl(0, TIOCLSET, &ioctlval); 16036460Sbostic (void)ioctl(0, TIOCNXCL, 0); 16136515Sbostic (void)fcntl(0, F_SETFL, ioctlval); 16236515Sbostic (void)ioctl(0, TIOCGETP, &sgttyb); 16336515Sbostic sgttyb.sg_erase = CERASE; 16436515Sbostic sgttyb.sg_kill = CKILL; 16536460Sbostic (void)ioctl(0, TIOCSLTC, <c); 16636460Sbostic (void)ioctl(0, TIOCSETC, &tc); 16736515Sbostic (void)ioctl(0, TIOCSETP, &sgttyb); 16836460Sbostic 16936460Sbostic for (cnt = getdtablesize(); cnt > 2; cnt--) 17036460Sbostic close(cnt); 17136460Sbostic 1721043Sbill ttyn = ttyname(0); 17336460Sbostic if (ttyn == NULL || *ttyn == '\0') 1741043Sbill ttyn = "/dev/tty??"; 17536460Sbostic if (tty = rindex(ttyn, '/')) 17636460Sbostic ++tty; 17736460Sbostic else 17816453Sroot tty = ttyn; 17936460Sbostic 18024852Seric openlog("login", LOG_ODELAY, LOG_AUTH); 18136460Sbostic 18236549Sbostic for (cnt = 0;; ask = 1) { 18336460Sbostic ioctlval = 0; 18436460Sbostic (void)ioctl(0, TIOCSETD, &ioctlval); 18536460Sbostic 18636549Sbostic if (ask) { 18736515Sbostic fflag = 0; 18836460Sbostic getloginname(); 18936515Sbostic } 190*36647Skarels /* 191*36647Skarels * Note if trying multiple user names; 192*36647Skarels * log failures for previous user name, 193*36647Skarels * but don't bother logging one failure 194*36647Skarels * for nonexistent name (mistyped username). 195*36647Skarels */ 196*36647Skarels if (failures && strcmp(tbuf, username)) { 197*36647Skarels if (failures > (pwd ? 0 : 1)) 19836549Sbostic badlogin(tbuf); 199*36647Skarels failures = 0; 20036549Sbostic } 201*36647Skarels (void)strcpy(tbuf, username); 20236515Sbostic if (pwd = getpwnam(username)) 20336515Sbostic salt = pwd->pw_passwd; 20436515Sbostic else 20536515Sbostic salt = "xx"; 20636460Sbostic 20736460Sbostic /* if user not super-user, check for disabled logins */ 20836515Sbostic if (pwd == NULL || pwd->pw_uid) 20936460Sbostic checknologin(); 21036460Sbostic 21112687Ssam /* 21236515Sbostic * Disallow automatic login to root; if not invoked by 21336515Sbostic * root, disallow if the uid's differ. 21412687Ssam */ 21536515Sbostic if (fflag && pwd) { 21631695Skarels int uid = getuid(); 21731695Skarels 21836515Sbostic passwd_req = pwd->pw_uid == 0 || 21936515Sbostic (uid && uid != pwd->pw_uid); 22031695Skarels } 22136460Sbostic 22212687Ssam /* 22336523Skarels * If no pre-authentication and a password exists 22436460Sbostic * for this user, prompt for one and verify it. 22512687Ssam */ 22636608Skfall if (!passwd_req || (pwd && !*pwd->pw_passwd)) 22736460Sbostic break; 22812687Ssam 22936460Sbostic setpriority(PRIO_PROCESS, 0, -4); 23036608Skfall pp = getpass("Password:"); 23136608Skfall p = crypt(pp, salt); 23236460Sbostic setpriority(PRIO_PROCESS, 0, 0); 23336608Skfall 23436608Skfall#ifdef KERBEROS 23536608Skfall 23636608Skfall /* 23736608Skfall * If we aren't Kerberos-authenticated, try the normal 23836608Skfall * pw file for a password. If that's ok, log the user 23936608Skfall * in without issueing any tickets. 24036608Skfall */ 24136608Skfall 242*36647Skarels if (!get_krbrlm(realm,1)) { 24336608Skfall /* get TGT for local realm */ 24436608Skfall kerror = get_in_tkt(pwd->pw_name, inst, realm, 24536608Skfall "krbtgt", realm, LIFE, pp); 246*36647Skarels if (kerror == KSUCCESS) { 24736608Skfall bzero(pp, strlen(pp)); 24836608Skfall notickets = 0; /* user got ticket */ 24936608Skfall break; 25036608Skfall } 25136608Skfall } 25236608Skfall#endif 25336608Skfall (void) bzero(pp, strlen(pp)); 25436515Sbostic if (pwd && !strcmp(p, pwd->pw_passwd)) 25536460Sbostic break; 25636460Sbostic 25736460Sbostic printf("Login incorrect\n"); 258*36647Skarels failures++; 25936549Sbostic /* we allow 10 tries, but after 3 we start backing off */ 26036549Sbostic if (++cnt > 3) { 26136549Sbostic if (cnt >= 10) { 26236549Sbostic badlogin(username); 26336549Sbostic (void)ioctl(0, TIOCHPCL, (struct sgttyb *)NULL); 26436549Sbostic sleepexit(1); 26536549Sbostic } 26636549Sbostic sleep((u_int)((cnt - 3) * 5)); 2672822Swnj } 26836460Sbostic } 2691043Sbill 27036460Sbostic /* committed to login -- turn off timeout */ 27136460Sbostic (void)alarm((u_int)0); 27236460Sbostic 27336460Sbostic /* 27436460Sbostic * If valid so far and root is logging in, see if root logins on 27536460Sbostic * this terminal are permitted. 27636460Sbostic */ 277*36647Skarels if (pwd->pw_uid == 0 && !rootterm(tty)) { 27836460Sbostic if (hostname) 279*36647Skarels syslog(LOG_NOTICE, "ROOT LOGIN REFUSED FROM %s", 280*36647Skarels hostname); 28112678Ssam else 282*36647Skarels syslog(LOG_NOTICE, "ROOT LOGIN REFUSED ON %s", tty); 28336460Sbostic printf("Login incorrect\n"); 28436460Sbostic sleepexit(1); 28512678Ssam } 2862822Swnj 28736460Sbostic if (quota(Q_SETUID, pwd->pw_uid, 0, 0) < 0 && errno != EINVAL) { 28836460Sbostic switch(errno) { 28936460Sbostic case EUSERS: 29036460Sbostic fprintf(stderr, 29136460Sbostic "Too many users logged on already.\nTry again later.\n"); 29236460Sbostic break; 29336460Sbostic case EPROCLIM: 29436460Sbostic fprintf(stderr, 29536460Sbostic "You have too many processes running.\n"); 29636460Sbostic break; 29736460Sbostic default: 29836460Sbostic perror("quota (Q_SETUID)"); 2992822Swnj } 30036460Sbostic sleepexit(0); 3012822Swnj } 30236460Sbostic 30336515Sbostic if (chdir(pwd->pw_dir) < 0) { 30436515Sbostic printf("No directory %s!\n", pwd->pw_dir); 30536515Sbostic if (chdir("/")) 30636515Sbostic exit(0); 30736515Sbostic pwd->pw_dir = "/"; 30836515Sbostic printf("Logging in with home = \"/\".\n"); 30936515Sbostic } 31036515Sbostic 31136608Skfall#ifdef KERBEROS 312*36647Skarels if (notickets) 31336608Skfall printf("Warning: no Kerberos tickets issued\n"); 31436608Skfall#endif 31536608Skfall 31636515Sbostic /* nothing else left to fail -- really log in */ 31736460Sbostic { 31836460Sbostic struct utmp utmp; 31936460Sbostic 320*36647Skarels bzero((char *)&utmp, sizeof(utmp)); 32136460Sbostic (void)time(&utmp.ut_time); 32236460Sbostic strncpy(utmp.ut_name, username, sizeof(utmp.ut_name)); 32336591Sbostic if (hostname) 32436591Sbostic strncpy(utmp.ut_host, hostname, sizeof(utmp.ut_host)); 32536460Sbostic strncpy(utmp.ut_line, tty, sizeof(utmp.ut_line)); 32636460Sbostic login(&utmp); 32736460Sbostic } 32836460Sbostic 32936460Sbostic quietlog = access(HUSHLOGIN, F_OK) == 0; 33036549Sbostic dolastlog(quietlog); 33136460Sbostic 33236523Skarels if (!hflag) { /* XXX */ 33336460Sbostic static struct winsize win = { 0, 0, 0, 0 }; 33436460Sbostic 33536460Sbostic (void)ioctl(0, TIOCSWINSZ, &win); 33636460Sbostic } 33736460Sbostic 33836460Sbostic (void)chown(ttyn, pwd->pw_uid, 33936460Sbostic (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid); 34036460Sbostic (void)chmod(ttyn, 0620); 34136460Sbostic (void)setgid(pwd->pw_gid); 34236460Sbostic 34336460Sbostic initgroups(username, pwd->pw_gid); 34436460Sbostic 34512678Ssam quota(Q_DOWARN, pwd->pw_uid, (dev_t)-1, 0); 34636460Sbostic (void)setuid(pwd->pw_uid); 34730606Sbostic 34836515Sbostic if (*pwd->pw_shell == '\0') 34936515Sbostic pwd->pw_shell = BSHELL; 35036515Sbostic /* turn on new line discipline for the csh */ 35136515Sbostic else if (!strcmp(pwd->pw_shell, "/bin/csh")) { 35236515Sbostic ioctlval = NTTYDISC; 35336515Sbostic (void)ioctl(0, TIOCSETD, &ioctlval); 35436515Sbostic } 35536515Sbostic 35636460Sbostic /* destroy environment unless user has requested preservation */ 35718549Ssam if (!pflag) 35818549Ssam environ = envinit; 35936515Sbostic (void)setenv("HOME", pwd->pw_dir, 1); 36036515Sbostic (void)setenv("SHELL", pwd->pw_shell, 1); 36118549Ssam if (term[0] == '\0') 362*36647Skarels strncpy(term, stypeof(tty), sizeof(term)); 36336515Sbostic (void)setenv("TERM", term, 0); 36436515Sbostic (void)setenv("USER", pwd->pw_name, 1); 36536515Sbostic (void)setenv("PATH", "/usr/ucb:/bin:/usr/bin:", 0); 36618549Ssam 36716453Sroot if (tty[sizeof("tty")-1] == 'd') 36818549Ssam syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name); 36918549Ssam if (pwd->pw_uid == 0) 37036460Sbostic if (hostname) 371*36647Skarels syslog(LOG_NOTICE, "ROOT LOGIN ON %s FROM %s", 37236549Sbostic tty, hostname); 37325230Smckusick else 374*36647Skarels syslog(LOG_NOTICE, "ROOT LOGIN ON %s", tty); 37536460Sbostic 3766329Swnj if (!quietlog) { 37717664Sserge struct stat st; 37818549Ssam 37936460Sbostic motd(); 38036460Sbostic (void)sprintf(tbuf, "%s/%s", MAILDIR, pwd->pw_name); 38136460Sbostic if (stat(tbuf, &st) == 0 && st.st_size != 0) 38217664Sserge printf("You have %smail.\n", 38336460Sbostic (st.st_mtime > st.st_atime) ? "new " : ""); 3842822Swnj } 38536460Sbostic 38636460Sbostic (void)signal(SIGALRM, SIG_DFL); 38736460Sbostic (void)signal(SIGQUIT, SIG_DFL); 38836460Sbostic (void)signal(SIGINT, SIG_DFL); 38936460Sbostic (void)signal(SIGTSTP, SIG_IGN); 39036460Sbostic 39136460Sbostic tbuf[0] = '-'; 39236460Sbostic strcpy(tbuf + 1, (p = rindex(pwd->pw_shell, '/')) ? 39336460Sbostic p + 1 : pwd->pw_shell); 39436460Sbostic execlp(pwd->pw_shell, tbuf, 0); 39536515Sbostic fprintf(stderr, "login: no shell: "); 3962822Swnj perror(pwd->pw_shell); 3971043Sbill exit(0); 3981043Sbill} 3991043Sbill 40036460Sbosticgetloginname() 40112687Ssam{ 40236460Sbostic register int ch; 40336460Sbostic register char *p; 40436460Sbostic static char nbuf[UT_NAMESIZE + 1]; 40512687Ssam 40636460Sbostic for (;;) { 40712712Ssam printf("login: "); 40836515Sbostic for (p = nbuf; (ch = getchar()) != '\n'; ) { 40936549Sbostic if (ch == EOF) { 41036549Sbostic badlogin(username); 41112687Ssam exit(0); 41236549Sbostic } 41336515Sbostic if (p < nbuf + UT_NAMESIZE) 41436460Sbostic *p++ = ch; 41512687Ssam } 41636460Sbostic if (p > nbuf) 41736460Sbostic if (nbuf[0] == '-') 41836460Sbostic fprintf(stderr, 41936460Sbostic "login names may not start with '-'.\n"); 42036460Sbostic else { 42136460Sbostic *p = '\0'; 42236460Sbostic username = nbuf; 42336515Sbostic break; 42436460Sbostic } 42512687Ssam } 42612687Ssam} 42712687Ssam 42812687Ssamtimedout() 42912687Ssam{ 43036460Sbostic fprintf(stderr, "Login timed out after %d seconds\n", timeout); 43112687Ssam exit(0); 43212687Ssam} 43312687Ssam 434*36647Skarelsrootterm(ttyn) 435*36647Skarels char *ttyn; 4361043Sbill{ 43736460Sbostic struct ttyent *t; 4386466Swnj 439*36647Skarels return((t = getttynam(ttyn)) && t->ty_status&TTY_SECURE); 4401043Sbill} 4411043Sbill 44236515Sbosticjmp_buf motdinterrupt; 44336515Sbostic 44436460Sbosticmotd() 4452822Swnj{ 44636515Sbostic register int fd, nchars; 44736460Sbostic int (*oldint)(), sigint(); 44836515Sbostic char tbuf[8192]; 4492822Swnj 45036515Sbostic if ((fd = open(MOTDFILE, O_RDONLY, 0)) < 0) 45136460Sbostic return; 45236460Sbostic oldint = signal(SIGINT, sigint); 45336515Sbostic if (setjmp(motdinterrupt) == 0) 45436515Sbostic while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 45536515Sbostic (void)write(fileno(stdout), tbuf, nchars); 45636460Sbostic (void)signal(SIGINT, oldint); 45736515Sbostic (void)close(fd); 45836460Sbostic} 45936460Sbostic 46036460Sbosticsigint() 46136460Sbostic{ 46236515Sbostic longjmp(motdinterrupt, 1); 46336460Sbostic} 46436460Sbostic 46536460Sbosticchecknologin() 46636460Sbostic{ 46736460Sbostic register int fd, nchars; 46836515Sbostic char tbuf[8192]; 46936460Sbostic 47036460Sbostic if ((fd = open(NOLOGIN, O_RDONLY, 0)) >= 0) { 47136460Sbostic while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 47236460Sbostic (void)write(fileno(stdout), tbuf, nchars); 47336460Sbostic sleepexit(0); 4742822Swnj } 4752822Swnj} 4762822Swnj 47736549Sbosticdolastlog(quiet) 47836460Sbostic int quiet; 4791043Sbill{ 48036460Sbostic struct lastlog ll; 48136460Sbostic int fd; 4821043Sbill 48336460Sbostic if ((fd = open(LASTLOG, O_RDWR, 0)) >= 0) { 48436515Sbostic (void)lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), L_SET); 48536460Sbostic if (!quiet) { 48636460Sbostic if (read(fd, (char *)&ll, sizeof(ll)) == sizeof(ll) && 48736460Sbostic ll.ll_time != 0) { 48836460Sbostic printf("Last login: %.*s ", 48936460Sbostic 24-5, (char *)ctime(&ll.ll_time)); 49036460Sbostic if (*ll.ll_host != '\0') 49136460Sbostic printf("from %.*s\n", 49236460Sbostic sizeof(ll.ll_host), ll.ll_host); 49336460Sbostic else 49436460Sbostic printf("on %.*s\n", 49536460Sbostic sizeof(ll.ll_line), ll.ll_line); 49636460Sbostic } 49736515Sbostic (void)lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), L_SET); 49836460Sbostic } 499*36647Skarels bzero((char *)&ll, sizeof(ll)); 50036460Sbostic (void)time(&ll.ll_time); 50136460Sbostic strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); 50236591Sbostic if (hostname) 50336591Sbostic strncpy(ll.ll_host, hostname, sizeof(ll.ll_host)); 50436460Sbostic (void)write(fd, (char *)&ll, sizeof(ll)); 50536460Sbostic (void)close(fd); 5061043Sbill } 5071043Sbill} 5081043Sbill 50936549Sbosticbadlogin(name) 51036549Sbostic char *name; 51136549Sbostic{ 512*36647Skarels if (failures == 0) 51336549Sbostic return; 51436549Sbostic if (hostname) 515*36647Skarels syslog(LOG_NOTICE, "%d LOGIN FAILURE%s FROM %s, %s", 516*36647Skarels failures, failures > 1 ? "S" : "", hostname, name); 51736549Sbostic else 518*36647Skarels syslog(LOG_NOTICE, "%d LOGIN FAILURE%s ON %s, %s", 519*36647Skarels failures, failures > 1 ? "S" : "", tty, name); 52036549Sbostic} 52136549Sbostic 5222822Swnj#undef UNKNOWN 52336460Sbostic#define UNKNOWN "su" 5241043Sbill 5251043Sbillchar * 526*36647Skarelsstypeof(ttyid) 527*36647Skarels char *ttyid; 5281043Sbill{ 52936460Sbostic struct ttyent *t; 5301043Sbill 531*36647Skarels return(ttyid && (t = getttynam(ttyid)) ? t->ty_type : UNKNOWN); 5321043Sbill} 5336005Swnj 5346005Swnjgetstr(buf, cnt, err) 53536460Sbostic char *buf, *err; 5366005Swnj int cnt; 5376005Swnj{ 53836460Sbostic char ch; 5396005Swnj 5406005Swnj do { 54136460Sbostic if (read(0, &ch, sizeof(ch)) != sizeof(ch)) 5426005Swnj exit(1); 5436005Swnj if (--cnt < 0) { 54436460Sbostic fprintf(stderr, "%s too long\r\n", err); 54536460Sbostic sleepexit(1); 5466005Swnj } 54736460Sbostic *buf++ = ch; 54836460Sbostic } while (ch); 5496005Swnj} 5506329Swnj 55136460Sbosticsleepexit(eval) 55236460Sbostic int eval; 55326862Smckusick{ 55436460Sbostic sleep((u_int)5); 55536460Sbostic exit(eval); 55626862Smckusick} 557