143653Sbostic /*- 247437Skarels * Copyright (c) 1980, 1987, 1988, 1991 The Regents of the University 347437Skarels * of California. All rights reserved. 436515Sbostic * 543653Sbostic * %sccs.include.redist.c% 619843Sdist */ 719843Sdist 812678Ssam #ifndef lint 919843Sdist char copyright[] = 1047437Skarels "@(#) Copyright (c) 1980, 1987, 1988, 1991 The Regents of the University of California.\n\ 1119843Sdist All rights reserved.\n"; 1236515Sbostic #endif /* not lint */ 1312678Ssam 1419843Sdist #ifndef lint 15*49957Skarels static char sccsid[] = "@(#)login.c 5.70 (Berkeley) 06/02/91"; 1636515Sbostic #endif /* not lint */ 1719843Sdist 181043Sbill /* 191043Sbill * login [ name ] 2031695Skarels * login -h hostname (for telnetd, etc.) 2131695Skarels * login -f name (for pre-authenticated login: datakit, xterm, etc.) 221043Sbill */ 231043Sbill 2412984Ssam #include <sys/param.h> 2512687Ssam #include <sys/stat.h> 2612687Ssam #include <sys/time.h> 2712687Ssam #include <sys/resource.h> 2816453Sroot #include <sys/file.h> 2912687Ssam 301043Sbill #include <utmp.h> 311043Sbill #include <signal.h> 3212678Ssam #include <errno.h> 3316453Sroot #include <ttyent.h> 3416453Sroot #include <syslog.h> 3526862Smckusick #include <grp.h> 3636460Sbostic #include <pwd.h> 3736515Sbostic #include <setjmp.h> 3836460Sbostic #include <stdio.h> 3942063Sbostic #include <string.h> 4037203Sbostic #include <tzfile.h> 4137203Sbostic #include "pathnames.h" 421043Sbill 4336460Sbostic #define TTYGRPNAME "tty" /* name of group to own ttys */ 4426862Smckusick 4512687Ssam /* 4636460Sbostic * This bounds the time given to login. Not a define so it can 4736460Sbostic * be patched on machines where it's too small. 4812687Ssam */ 4931509Sbostic int timeout = 300; 50*49957Skarels int rootlogin; 5143653Sbostic #ifdef KERBEROS 5243653Sbostic int notickets = 1; 53*49957Skarels char *instance; 54*49957Skarels char *krbtkfile_env; 55*49957Skarels int authok; 5643653Sbostic #endif 576005Swnj 5836647Skarels struct passwd *pwd; 5936647Skarels int failures; 6040490Sbostic char term[64], *envinit[1], *hostname, *username, *tty; 616005Swnj 621043Sbill main(argc, argv) 6336460Sbostic int argc; 6436460Sbostic char **argv; 651043Sbill { 6643653Sbostic extern int optind; 6736460Sbostic extern char *optarg, **environ; 6836880Sbostic struct timeval tp; 6936460Sbostic struct group *gr; 7036460Sbostic register int ch; 7136647Skarels register char *p; 7239271Skfall int ask, fflag, hflag, pflag, cnt, uid; 7344568Smarc int quietlog, rval; 7443653Sbostic char *domain, *salt, *ttyn; 7537692Sbostic char tbuf[MAXPATHLEN + 2], tname[sizeof(_PATH_TTY) + 10]; 7638034Skfall char localhost[MAXHOSTNAMELEN]; 7736880Sbostic char *ctime(), *ttyname(), *stypeof(), *crypt(), *getpass(); 7836460Sbostic time_t time(); 7936460Sbostic off_t lseek(); 8043653Sbostic void timedout(); 811043Sbill 8236460Sbostic (void)signal(SIGALRM, timedout); 8336460Sbostic (void)alarm((u_int)timeout); 8436460Sbostic (void)signal(SIGQUIT, SIG_IGN); 8536460Sbostic (void)signal(SIGINT, SIG_IGN); 8636460Sbostic (void)setpriority(PRIO_PROCESS, 0, 0); 8736460Sbostic 8842502Sbostic openlog("login", LOG_ODELAY, LOG_AUTH); 8942502Sbostic 9012687Ssam /* 9118549Ssam * -p is used by getty to tell login not to destroy the environment 9231695Skarels * -f is used to skip a second login authentication 9336523Skarels * -h is used by other servers to pass the name of the remote 9436523Skarels * host to login so that it may be placed in utmp and wtmp 9512687Ssam */ 9638034Skfall domain = NULL; 9738034Skfall if (gethostname(localhost, sizeof(localhost)) < 0) 9838034Skfall syslog(LOG_ERR, "couldn't get local hostname: %m"); 9938034Skfall else 10038034Skfall domain = index(localhost, '.'); 10136460Sbostic 10237203Sbostic fflag = hflag = pflag = 0; 10339271Skfall uid = getuid(); 10437203Sbostic while ((ch = getopt(argc, argv, "fh:p")) != EOF) 10536515Sbostic switch (ch) { 10636460Sbostic case 'f': 10736460Sbostic fflag = 1; 10836460Sbostic break; 10936460Sbostic case 'h': 11039271Skfall if (uid) { 11137203Sbostic (void)fprintf(stderr, 11236460Sbostic "login: -h for super-user only.\n"); 11332313Sbostic exit(1); 11431695Skarels } 11536460Sbostic hflag = 1; 11636460Sbostic if (domain && (p = index(optarg, '.')) && 11736553Sbostic strcasecmp(p, domain) == 0) 11836460Sbostic *p = 0; 11936460Sbostic hostname = optarg; 12036460Sbostic break; 12136460Sbostic case 'p': 12218549Ssam pflag = 1; 12336460Sbostic break; 12436460Sbostic case '?': 12536460Sbostic default: 12639271Skfall if (!uid) 12739271Skfall syslog(LOG_ERR, "invalid flag %c", ch); 12837203Sbostic (void)fprintf(stderr, 12937203Sbostic "usage: login [-fp] [username]\n"); 13036460Sbostic exit(1); 13118549Ssam } 13236460Sbostic argc -= optind; 13336460Sbostic argv += optind; 13436549Sbostic if (*argv) { 13536647Skarels username = *argv; 13636549Sbostic ask = 0; 13736647Skarels } else 13836549Sbostic ask = 1; 13936460Sbostic 14036460Sbostic for (cnt = getdtablesize(); cnt > 2; cnt--) 14136460Sbostic close(cnt); 14236460Sbostic 1431043Sbill ttyn = ttyname(0); 14437692Sbostic if (ttyn == NULL || *ttyn == '\0') { 14537692Sbostic (void)sprintf(tname, "%s??", _PATH_TTY); 14637692Sbostic ttyn = tname; 14737692Sbostic } 14836460Sbostic if (tty = rindex(ttyn, '/')) 14936460Sbostic ++tty; 15036460Sbostic else 15116453Sroot tty = ttyn; 15236460Sbostic 15336549Sbostic for (cnt = 0;; ask = 1) { 15436549Sbostic if (ask) { 15536515Sbostic fflag = 0; 15636460Sbostic getloginname(); 15736515Sbostic } 158*49957Skarels #ifdef KERBEROS 159*49957Skarels if ((instance = index(username, '.')) != NULL) { 160*49957Skarels if (strncmp(instance, ".root", 5) == 0) 161*49957Skarels rootlogin++; 162*49957Skarels *instance++ = '\0'; 163*49957Skarels } else { 164*49957Skarels rootlogin = 0; 165*49957Skarels instance = ""; 166*49957Skarels } 167*49957Skarels #endif 168*49957Skarels if (strlen(username) > UT_NAMESIZE) 169*49957Skarels username[UT_NAMESIZE] = '\0'; 170*49957Skarels 17136647Skarels /* 17239271Skfall * Note if trying multiple user names; log failures for 17339271Skfall * previous user name, but don't bother logging one failure 17436647Skarels * for nonexistent name (mistyped username). 17536647Skarels */ 17636647Skarels if (failures && strcmp(tbuf, username)) { 17736647Skarels if (failures > (pwd ? 0 : 1)) 17836549Sbostic badlogin(tbuf); 17936647Skarels failures = 0; 18036549Sbostic } 18136647Skarels (void)strcpy(tbuf, username); 18243659Sbostic 18336515Sbostic if (pwd = getpwnam(username)) 18436515Sbostic salt = pwd->pw_passwd; 18543659Sbostic else 18643659Sbostic salt = "xx"; 18736460Sbostic 18812687Ssam /* 18943674Sbostic * if we have a valid account name, and it doesn't have a 19043674Sbostic * password, or the -f option was specified and the caller 19143674Sbostic * is root or the caller isn't changing their uid, don't 19243674Sbostic * authenticate. 19312687Ssam */ 19443674Sbostic if (pwd && (*pwd->pw_passwd == '\0' || 19543674Sbostic fflag && (uid == 0 || uid == pwd->pw_uid))) 19636460Sbostic break; 19744348Skarels fflag = 0; 198*49957Skarels if (pwd && pwd->pw_uid == 0) 199*49957Skarels rootlogin = 1; 20012687Ssam 201*49957Skarels (void)setpriority(PRIO_PROCESS, 0, -4); 202*49957Skarels 203*49957Skarels p = getpass("Password:"); 204*49957Skarels 205*49957Skarels if (pwd) { 206*49957Skarels #ifdef KERBEROS 207*49957Skarels rval = klogin(pwd, instance, localhost, p); 208*49957Skarels if (rval == 0) 209*49957Skarels authok = 1; 210*49957Skarels else if (rval == 1) { 211*49957Skarels if (pwd->pw_uid != 0) 212*49957Skarels rootlogin = 0; 213*49957Skarels rval = strcmp(crypt(p, salt), pwd->pw_passwd); 214*49957Skarels } 215*49957Skarels #else 216*49957Skarels rval = strcmp(crypt(p, salt), pwd->pw_passwd); 217*49957Skarels #endif 218*49957Skarels } 219*49957Skarels bzero(p, strlen(p)); 220*49957Skarels 221*49957Skarels (void)setpriority(PRIO_PROCESS, 0, 0); 222*49957Skarels 22339271Skfall /* 224*49957Skarels * If trying to log in as root without Kerberos, 225*49957Skarels * but with insecure terminal, refuse the login attempt. 22639271Skfall */ 227*49957Skarels #ifdef KERBEROS 228*49957Skarels if (authok == 0) 229*49957Skarels #endif 230*49957Skarels if (pwd && rootlogin && !rootterm(tty)) { 23139271Skfall (void)fprintf(stderr, 23239271Skfall "%s login refused on this terminal.\n", 23339271Skfall pwd->pw_name); 23439271Skfall if (hostname) 23539271Skfall syslog(LOG_NOTICE, 23639271Skfall "LOGIN %s REFUSED FROM %s ON TTY %s", 23739271Skfall pwd->pw_name, hostname, tty); 23839271Skfall else 23939271Skfall syslog(LOG_NOTICE, 24039271Skfall "LOGIN %s REFUSED ON TTY %s", 24139271Skfall pwd->pw_name, tty); 24239271Skfall continue; 24339271Skfall } 24439271Skfall 24543659Sbostic if (pwd && !rval) 24636460Sbostic break; 24736460Sbostic 24843659Sbostic (void)printf("Login incorrect\n"); 24936647Skarels failures++; 25036549Sbostic /* we allow 10 tries, but after 3 we start backing off */ 25136549Sbostic if (++cnt > 3) { 25236549Sbostic if (cnt >= 10) { 25336549Sbostic badlogin(username); 25436549Sbostic sleepexit(1); 25536549Sbostic } 25636549Sbostic sleep((u_int)((cnt - 3) * 5)); 2572822Swnj } 25836460Sbostic } 2591043Sbill 26036460Sbostic /* committed to login -- turn off timeout */ 26136460Sbostic (void)alarm((u_int)0); 26236460Sbostic 26337692Sbostic endpwent(); 26437692Sbostic 26543663Sbostic /* if user not super-user, check for disabled logins */ 266*49957Skarels if (!(rootlogin)) 26743663Sbostic checknologin(); 26843663Sbostic 26936515Sbostic if (chdir(pwd->pw_dir) < 0) { 27037203Sbostic (void)printf("No directory %s!\n", pwd->pw_dir); 27136515Sbostic if (chdir("/")) 27236515Sbostic exit(0); 27336515Sbostic pwd->pw_dir = "/"; 27437203Sbostic (void)printf("Logging in with home = \"/\".\n"); 27536515Sbostic } 27636515Sbostic 27737203Sbostic quietlog = access(_PATH_HUSHLOGIN, F_OK) == 0; 27837203Sbostic 27936880Sbostic if (pwd->pw_change || pwd->pw_expire) 28036880Sbostic (void)gettimeofday(&tp, (struct timezone *)NULL); 28136880Sbostic if (pwd->pw_change) 28236880Sbostic if (tp.tv_sec >= pwd->pw_change) { 28337203Sbostic (void)printf("Sorry -- your password has expired.\n"); 28436880Sbostic sleepexit(1); 285*49957Skarels } else if (pwd->pw_change - tp.tv_sec < 28643660Sbostic 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) 28743660Sbostic (void)printf("Warning: your password expires on %s", 28843660Sbostic ctime(&pwd->pw_expire)); 28936880Sbostic if (pwd->pw_expire) 29036880Sbostic if (tp.tv_sec >= pwd->pw_expire) { 29137203Sbostic (void)printf("Sorry -- your account has expired.\n"); 29236880Sbostic sleepexit(1); 293*49957Skarels } else if (pwd->pw_expire - tp.tv_sec < 29443660Sbostic 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) 29543660Sbostic (void)printf("Warning: your account expires on %s", 29643660Sbostic ctime(&pwd->pw_expire)); 29736880Sbostic 29836515Sbostic /* nothing else left to fail -- really log in */ 29936460Sbostic { 30036460Sbostic struct utmp utmp; 30136460Sbostic 30243653Sbostic bzero((void *)&utmp, sizeof(utmp)); 30336460Sbostic (void)time(&utmp.ut_time); 30436460Sbostic strncpy(utmp.ut_name, username, sizeof(utmp.ut_name)); 30536591Sbostic if (hostname) 30636591Sbostic strncpy(utmp.ut_host, hostname, sizeof(utmp.ut_host)); 30736460Sbostic strncpy(utmp.ut_line, tty, sizeof(utmp.ut_line)); 30836460Sbostic login(&utmp); 30936460Sbostic } 31036460Sbostic 31136549Sbostic dolastlog(quietlog); 31236460Sbostic 31336460Sbostic (void)chown(ttyn, pwd->pw_uid, 31436460Sbostic (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid); 31536460Sbostic (void)setgid(pwd->pw_gid); 31636460Sbostic 31736460Sbostic initgroups(username, pwd->pw_gid); 31836460Sbostic 31936515Sbostic if (*pwd->pw_shell == '\0') 32037203Sbostic pwd->pw_shell = _PATH_BSHELL; 32136515Sbostic 32236460Sbostic /* destroy environment unless user has requested preservation */ 32318549Ssam if (!pflag) 32418549Ssam environ = envinit; 32536515Sbostic (void)setenv("HOME", pwd->pw_dir, 1); 32636515Sbostic (void)setenv("SHELL", pwd->pw_shell, 1); 32718549Ssam if (term[0] == '\0') 32836647Skarels strncpy(term, stypeof(tty), sizeof(term)); 32936515Sbostic (void)setenv("TERM", term, 0); 33036515Sbostic (void)setenv("USER", pwd->pw_name, 1); 33137252Sbostic (void)setenv("PATH", _PATH_DEFPATH, 0); 332*49957Skarels #ifdef KERBEROS 333*49957Skarels if (krbtkfile_env) 334*49957Skarels (void)setenv("KRBTKFILE", krbtkfile_env, 1); 335*49957Skarels #endif 33618549Ssam 33716453Sroot if (tty[sizeof("tty")-1] == 'd') 33818549Ssam syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name); 33944348Skarels /* if fflag is on, assume caller/authenticator has logged root login */ 340*49957Skarels if (rootlogin && fflag == 0) 34136460Sbostic if (hostname) 34247685Skfall syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s", 34347685Skfall username, tty, hostname); 34425230Smckusick else 34547685Skfall syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s", username, tty); 34636460Sbostic 34743653Sbostic #ifdef KERBEROS 34843653Sbostic if (!quietlog && notickets == 1) 34943653Sbostic (void)printf("Warning: no Kerberos tickets issued.\n"); 35043653Sbostic #endif 35143653Sbostic 3526329Swnj if (!quietlog) { 35317664Sserge struct stat st; 35418549Ssam 35547437Skarels printf( 35647437Skarels "Copyright (c) 1980,1983,1986,1988,1990,1991 The Regents of the University\n%s", 35747437Skarels "of California. All rights reserved.\n\n"); 35836460Sbostic motd(); 35937203Sbostic (void)sprintf(tbuf, "%s/%s", _PATH_MAILDIR, pwd->pw_name); 36036460Sbostic if (stat(tbuf, &st) == 0 && st.st_size != 0) 36137203Sbostic (void)printf("You have %smail.\n", 36236460Sbostic (st.st_mtime > st.st_atime) ? "new " : ""); 3632822Swnj } 36436460Sbostic 36536460Sbostic (void)signal(SIGALRM, SIG_DFL); 36636460Sbostic (void)signal(SIGQUIT, SIG_DFL); 36736460Sbostic (void)signal(SIGINT, SIG_DFL); 36836460Sbostic (void)signal(SIGTSTP, SIG_IGN); 36936460Sbostic 37036460Sbostic tbuf[0] = '-'; 37136460Sbostic strcpy(tbuf + 1, (p = rindex(pwd->pw_shell, '/')) ? 37236460Sbostic p + 1 : pwd->pw_shell); 37337203Sbostic 37440009Ssklower if (setlogin(pwd->pw_name) < 0) 37540009Ssklower syslog(LOG_ERR, "setlogin() failure: %m"); 37637692Sbostic 37737203Sbostic /* discard permissions last so can't get killed and drop core */ 378*49957Skarels if (rootlogin) 37947685Skfall (void) setuid(0); 38047685Skfall else 381*49957Skarels (void) setuid(pwd->pw_uid); 38237203Sbostic 38336460Sbostic execlp(pwd->pw_shell, tbuf, 0); 38437203Sbostic (void)fprintf(stderr, "login: no shell: %s.\n", strerror(errno)); 3851043Sbill exit(0); 3861043Sbill } 3871043Sbill 38847685Skfall #ifdef KERBEROS 38947685Skfall #define NBUFSIZ (UT_NAMESIZE + 1 + 5) /* .root suffix */ 39047685Skfall #else 39147685Skfall #define NBUFSIZ (UT_NAMESIZE + 1) 39247685Skfall #endif 39347685Skfall 39436460Sbostic getloginname() 39512687Ssam { 39636460Sbostic register int ch; 397*49957Skarels register char *p; 39847685Skfall static char nbuf[NBUFSIZ]; 39912687Ssam 40036460Sbostic for (;;) { 40137203Sbostic (void)printf("login: "); 40236515Sbostic for (p = nbuf; (ch = getchar()) != '\n'; ) { 40336549Sbostic if (ch == EOF) { 40436549Sbostic badlogin(username); 40512687Ssam exit(0); 40636549Sbostic } 40747685Skfall if (p < nbuf + (NBUFSIZ - 1)) 40836460Sbostic *p++ = ch; 40912687Ssam } 41036460Sbostic if (p > nbuf) 41136460Sbostic if (nbuf[0] == '-') 41237203Sbostic (void)fprintf(stderr, 41336460Sbostic "login names may not start with '-'.\n"); 41436460Sbostic else { 41536460Sbostic *p = '\0'; 41636460Sbostic username = nbuf; 41736515Sbostic break; 41836460Sbostic } 41912687Ssam } 42012687Ssam } 42112687Ssam 42243653Sbostic void 42312687Ssam timedout() 42412687Ssam { 42537203Sbostic (void)fprintf(stderr, "Login timed out after %d seconds\n", timeout); 42612687Ssam exit(0); 42712687Ssam } 42812687Ssam 42936647Skarels rootterm(ttyn) 43036647Skarels char *ttyn; 4311043Sbill { 43236460Sbostic struct ttyent *t; 4336466Swnj 43436647Skarels return((t = getttynam(ttyn)) && t->ty_status&TTY_SECURE); 4351043Sbill } 4361043Sbill 43736515Sbostic jmp_buf motdinterrupt; 43836515Sbostic 43936460Sbostic motd() 4402822Swnj { 44136515Sbostic register int fd, nchars; 44238726Skfall sig_t oldint; 44346835Sbostic void sigint(); 44436515Sbostic char tbuf[8192]; 4452822Swnj 44637203Sbostic if ((fd = open(_PATH_MOTDFILE, O_RDONLY, 0)) < 0) 44736460Sbostic return; 44836460Sbostic oldint = signal(SIGINT, sigint); 44936515Sbostic if (setjmp(motdinterrupt) == 0) 45036515Sbostic while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 45136515Sbostic (void)write(fileno(stdout), tbuf, nchars); 45236460Sbostic (void)signal(SIGINT, oldint); 45336515Sbostic (void)close(fd); 45436460Sbostic } 45536460Sbostic 45646835Sbostic void 45736460Sbostic sigint() 45836460Sbostic { 45936515Sbostic longjmp(motdinterrupt, 1); 46036460Sbostic } 46136460Sbostic 46236460Sbostic checknologin() 46336460Sbostic { 46436460Sbostic register int fd, nchars; 46536515Sbostic char tbuf[8192]; 46636460Sbostic 46737203Sbostic if ((fd = open(_PATH_NOLOGIN, O_RDONLY, 0)) >= 0) { 46836460Sbostic while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 46936460Sbostic (void)write(fileno(stdout), tbuf, nchars); 47036460Sbostic sleepexit(0); 4712822Swnj } 4722822Swnj } 4732822Swnj 47436549Sbostic dolastlog(quiet) 47536460Sbostic int quiet; 4761043Sbill { 47736460Sbostic struct lastlog ll; 47836460Sbostic int fd; 47936880Sbostic char *ctime(); 4801043Sbill 48137203Sbostic if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) { 48236515Sbostic (void)lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), L_SET); 48336460Sbostic if (!quiet) { 48436460Sbostic if (read(fd, (char *)&ll, sizeof(ll)) == sizeof(ll) && 48536460Sbostic ll.ll_time != 0) { 48637203Sbostic (void)printf("Last login: %.*s ", 48736460Sbostic 24-5, (char *)ctime(&ll.ll_time)); 48836460Sbostic if (*ll.ll_host != '\0') 48937203Sbostic (void)printf("from %.*s\n", 49036460Sbostic sizeof(ll.ll_host), ll.ll_host); 49136460Sbostic else 49237203Sbostic (void)printf("on %.*s\n", 49336460Sbostic sizeof(ll.ll_line), ll.ll_line); 49436460Sbostic } 49536515Sbostic (void)lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), L_SET); 49636460Sbostic } 49743653Sbostic bzero((void *)&ll, sizeof(ll)); 49836460Sbostic (void)time(&ll.ll_time); 49936460Sbostic strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); 50036591Sbostic if (hostname) 50136591Sbostic strncpy(ll.ll_host, hostname, sizeof(ll.ll_host)); 50236460Sbostic (void)write(fd, (char *)&ll, sizeof(ll)); 50336460Sbostic (void)close(fd); 5041043Sbill } 5051043Sbill } 5061043Sbill 50736549Sbostic badlogin(name) 50836549Sbostic char *name; 50936549Sbostic { 51036647Skarels if (failures == 0) 51136549Sbostic return; 51245431Sbostic if (hostname) { 51345431Sbostic syslog(LOG_NOTICE, "%d LOGIN FAILURE%s FROM %s", 51445431Sbostic failures, failures > 1 ? "S" : "", hostname); 51545431Sbostic syslog(LOG_AUTHPRIV|LOG_NOTICE, 51645431Sbostic "%d LOGIN FAILURE%s FROM %s, %s", 51736647Skarels failures, failures > 1 ? "S" : "", hostname, name); 51845431Sbostic } else { 51945431Sbostic syslog(LOG_NOTICE, "%d LOGIN FAILURE%s ON %s", 52045431Sbostic failures, failures > 1 ? "S" : "", tty); 52145431Sbostic syslog(LOG_AUTHPRIV|LOG_NOTICE, 52245431Sbostic "%d LOGIN FAILURE%s ON %s, %s", 52336647Skarels failures, failures > 1 ? "S" : "", tty, name); 52445431Sbostic } 52536549Sbostic } 52636549Sbostic 5272822Swnj #undef UNKNOWN 52836460Sbostic #define UNKNOWN "su" 5291043Sbill 5301043Sbill char * 53136647Skarels stypeof(ttyid) 53236647Skarels char *ttyid; 5331043Sbill { 53436460Sbostic struct ttyent *t; 5351043Sbill 53636647Skarels return(ttyid && (t = getttynam(ttyid)) ? t->ty_type : UNKNOWN); 5371043Sbill } 5386005Swnj 53936460Sbostic sleepexit(eval) 54036460Sbostic int eval; 54126862Smckusick { 54236460Sbostic sleep((u_int)5); 54336460Sbostic exit(eval); 54426862Smckusick } 545