143653Sbostic /*- 247437Skarels * Copyright (c) 1980, 1987, 1988, 1991 The Regents of the University 347437Skarels * of California. All rights reserved. 436515Sbostic * 543653Sbostic * %sccs.include.redist.c% 619843Sdist */ 719843Sdist 812678Ssam #ifndef lint 919843Sdist char copyright[] = 1047437Skarels "@(#) Copyright (c) 1980, 1987, 1988, 1991 The Regents of the University of California.\n\ 1119843Sdist All rights reserved.\n"; 1236515Sbostic #endif /* not lint */ 1312678Ssam 1419843Sdist #ifndef lint 15*50719Sbostic static char sccsid[] = "@(#)login.c 5.74 (Berkeley) 07/31/91"; 1636515Sbostic #endif /* not lint */ 1719843Sdist 181043Sbill /* 191043Sbill * login [ name ] 2031695Skarels * login -h hostname (for telnetd, etc.) 2131695Skarels * login -f name (for pre-authenticated login: datakit, xterm, etc.) 221043Sbill */ 231043Sbill 2412984Ssam #include <sys/param.h> 2512687Ssam #include <sys/stat.h> 2612687Ssam #include <sys/time.h> 2712687Ssam #include <sys/resource.h> 2816453Sroot #include <sys/file.h> 2912687Ssam 301043Sbill #include <utmp.h> 311043Sbill #include <signal.h> 3212678Ssam #include <errno.h> 3316453Sroot #include <ttyent.h> 3416453Sroot #include <syslog.h> 3526862Smckusick #include <grp.h> 3636460Sbostic #include <pwd.h> 3736515Sbostic #include <setjmp.h> 3836460Sbostic #include <stdio.h> 3942063Sbostic #include <string.h> 4037203Sbostic #include <tzfile.h> 4137203Sbostic #include "pathnames.h" 421043Sbill 4336460Sbostic #define TTYGRPNAME "tty" /* name of group to own ttys */ 4426862Smckusick 4512687Ssam /* 4636460Sbostic * This bounds the time given to login. Not a define so it can 4736460Sbostic * be patched on machines where it's too small. 4812687Ssam */ 4931509Sbostic int timeout = 300; 5049957Skarels int rootlogin; 5143653Sbostic #ifdef KERBEROS 5243653Sbostic int notickets = 1; 5349957Skarels char *instance; 5449957Skarels char *krbtkfile_env; 5549957Skarels int authok; 5643653Sbostic #endif 576005Swnj 5836647Skarels struct passwd *pwd; 5936647Skarels int failures; 6040490Sbostic char term[64], *envinit[1], *hostname, *username, *tty; 616005Swnj 621043Sbill main(argc, argv) 6336460Sbostic int argc; 6436460Sbostic char **argv; 651043Sbill { 6643653Sbostic extern int optind; 6736460Sbostic extern char *optarg, **environ; 6836880Sbostic struct timeval tp; 6936460Sbostic struct group *gr; 7036460Sbostic register int ch; 7136647Skarels register char *p; 7239271Skfall int ask, fflag, hflag, pflag, cnt, uid; 7344568Smarc int quietlog, rval; 7443653Sbostic char *domain, *salt, *ttyn; 7537692Sbostic char tbuf[MAXPATHLEN + 2], tname[sizeof(_PATH_TTY) + 10]; 7638034Skfall char localhost[MAXHOSTNAMELEN]; 7736880Sbostic char *ctime(), *ttyname(), *stypeof(), *crypt(), *getpass(); 7836460Sbostic time_t time(); 7936460Sbostic off_t lseek(); 8043653Sbostic void timedout(); 811043Sbill 8236460Sbostic (void)signal(SIGALRM, timedout); 8336460Sbostic (void)alarm((u_int)timeout); 8436460Sbostic (void)signal(SIGQUIT, SIG_IGN); 8536460Sbostic (void)signal(SIGINT, SIG_IGN); 8636460Sbostic (void)setpriority(PRIO_PROCESS, 0, 0); 8736460Sbostic 8842502Sbostic openlog("login", LOG_ODELAY, LOG_AUTH); 8942502Sbostic 9012687Ssam /* 9118549Ssam * -p is used by getty to tell login not to destroy the environment 9231695Skarels * -f is used to skip a second login authentication 9336523Skarels * -h is used by other servers to pass the name of the remote 9436523Skarels * host to login so that it may be placed in utmp and wtmp 9512687Ssam */ 9638034Skfall domain = NULL; 9738034Skfall if (gethostname(localhost, sizeof(localhost)) < 0) 9838034Skfall syslog(LOG_ERR, "couldn't get local hostname: %m"); 9938034Skfall else 10038034Skfall domain = index(localhost, '.'); 10136460Sbostic 10237203Sbostic fflag = hflag = pflag = 0; 10339271Skfall uid = getuid(); 10437203Sbostic while ((ch = getopt(argc, argv, "fh:p")) != EOF) 10536515Sbostic switch (ch) { 10636460Sbostic case 'f': 10736460Sbostic fflag = 1; 10836460Sbostic break; 10936460Sbostic case 'h': 11039271Skfall if (uid) { 11137203Sbostic (void)fprintf(stderr, 11250174Sbostic "login: -h option: %s\n", strerror(EPERM)); 11332313Sbostic exit(1); 11431695Skarels } 11536460Sbostic hflag = 1; 11636460Sbostic if (domain && (p = index(optarg, '.')) && 11736553Sbostic strcasecmp(p, domain) == 0) 11836460Sbostic *p = 0; 11936460Sbostic hostname = optarg; 12036460Sbostic break; 12136460Sbostic case 'p': 12218549Ssam pflag = 1; 12336460Sbostic break; 12436460Sbostic case '?': 12536460Sbostic default: 12639271Skfall if (!uid) 12739271Skfall syslog(LOG_ERR, "invalid flag %c", ch); 12837203Sbostic (void)fprintf(stderr, 12950274Sbostic "usage: login [-fp] [-h hostname] [username]\n"); 13036460Sbostic exit(1); 13118549Ssam } 13236460Sbostic argc -= optind; 13336460Sbostic argv += optind; 13436549Sbostic if (*argv) { 13536647Skarels username = *argv; 13636549Sbostic ask = 0; 13736647Skarels } else 13836549Sbostic ask = 1; 13936460Sbostic 14036460Sbostic for (cnt = getdtablesize(); cnt > 2; cnt--) 14136460Sbostic close(cnt); 14236460Sbostic 1431043Sbill ttyn = ttyname(0); 14437692Sbostic if (ttyn == NULL || *ttyn == '\0') { 14537692Sbostic (void)sprintf(tname, "%s??", _PATH_TTY); 14637692Sbostic ttyn = tname; 14737692Sbostic } 14836460Sbostic if (tty = rindex(ttyn, '/')) 14936460Sbostic ++tty; 15036460Sbostic else 15116453Sroot tty = ttyn; 15236460Sbostic 15336549Sbostic for (cnt = 0;; ask = 1) { 15436549Sbostic if (ask) { 15536515Sbostic fflag = 0; 15636460Sbostic getloginname(); 15736515Sbostic } 15849957Skarels #ifdef KERBEROS 15949957Skarels if ((instance = index(username, '.')) != NULL) { 16049957Skarels if (strncmp(instance, ".root", 5) == 0) 16149957Skarels rootlogin++; 16249957Skarels *instance++ = '\0'; 16349957Skarels } else { 16449957Skarels rootlogin = 0; 16549957Skarels instance = ""; 16649957Skarels } 16749957Skarels #endif 16849957Skarels if (strlen(username) > UT_NAMESIZE) 16949957Skarels username[UT_NAMESIZE] = '\0'; 17049957Skarels 17136647Skarels /* 17239271Skfall * Note if trying multiple user names; log failures for 17339271Skfall * previous user name, but don't bother logging one failure 17436647Skarels * for nonexistent name (mistyped username). 17536647Skarels */ 17636647Skarels if (failures && strcmp(tbuf, username)) { 17736647Skarels if (failures > (pwd ? 0 : 1)) 17836549Sbostic badlogin(tbuf); 17936647Skarels failures = 0; 18036549Sbostic } 18136647Skarels (void)strcpy(tbuf, username); 18243659Sbostic 18336515Sbostic if (pwd = getpwnam(username)) 18436515Sbostic salt = pwd->pw_passwd; 18543659Sbostic else 18643659Sbostic salt = "xx"; 18736460Sbostic 18812687Ssam /* 18943674Sbostic * if we have a valid account name, and it doesn't have a 19043674Sbostic * password, or the -f option was specified and the caller 19143674Sbostic * is root or the caller isn't changing their uid, don't 19243674Sbostic * authenticate. 19312687Ssam */ 19443674Sbostic if (pwd && (*pwd->pw_passwd == '\0' || 19543674Sbostic fflag && (uid == 0 || uid == pwd->pw_uid))) 19636460Sbostic break; 19744348Skarels fflag = 0; 19849957Skarels if (pwd && pwd->pw_uid == 0) 19949957Skarels rootlogin = 1; 20012687Ssam 20149957Skarels (void)setpriority(PRIO_PROCESS, 0, -4); 20249957Skarels 20349957Skarels p = getpass("Password:"); 20449957Skarels 20549957Skarels if (pwd) { 20649957Skarels #ifdef KERBEROS 20749957Skarels rval = klogin(pwd, instance, localhost, p); 20849957Skarels if (rval == 0) 20949957Skarels authok = 1; 21049957Skarels else if (rval == 1) { 21149957Skarels if (pwd->pw_uid != 0) 21249957Skarels rootlogin = 0; 21349957Skarels rval = strcmp(crypt(p, salt), pwd->pw_passwd); 21449957Skarels } 21549957Skarels #else 21649957Skarels rval = strcmp(crypt(p, salt), pwd->pw_passwd); 21749957Skarels #endif 21849957Skarels } 21949957Skarels bzero(p, strlen(p)); 22049957Skarels 22149957Skarels (void)setpriority(PRIO_PROCESS, 0, 0); 22249957Skarels 22339271Skfall /* 22449957Skarels * If trying to log in as root without Kerberos, 22549957Skarels * but with insecure terminal, refuse the login attempt. 22639271Skfall */ 22749957Skarels #ifdef KERBEROS 22849957Skarels if (authok == 0) 22949957Skarels #endif 23049957Skarels if (pwd && rootlogin && !rootterm(tty)) { 23139271Skfall (void)fprintf(stderr, 23239271Skfall "%s login refused on this terminal.\n", 23339271Skfall pwd->pw_name); 23439271Skfall if (hostname) 23539271Skfall syslog(LOG_NOTICE, 23639271Skfall "LOGIN %s REFUSED FROM %s ON TTY %s", 23739271Skfall pwd->pw_name, hostname, tty); 23839271Skfall else 23939271Skfall syslog(LOG_NOTICE, 24039271Skfall "LOGIN %s REFUSED ON TTY %s", 24139271Skfall pwd->pw_name, tty); 24239271Skfall continue; 24339271Skfall } 24439271Skfall 24543659Sbostic if (pwd && !rval) 24636460Sbostic break; 24736460Sbostic 24843659Sbostic (void)printf("Login incorrect\n"); 24936647Skarels failures++; 25036549Sbostic /* we allow 10 tries, but after 3 we start backing off */ 25136549Sbostic if (++cnt > 3) { 25236549Sbostic if (cnt >= 10) { 25336549Sbostic badlogin(username); 25436549Sbostic sleepexit(1); 25536549Sbostic } 25636549Sbostic sleep((u_int)((cnt - 3) * 5)); 2572822Swnj } 25836460Sbostic } 2591043Sbill 26036460Sbostic /* committed to login -- turn off timeout */ 26136460Sbostic (void)alarm((u_int)0); 26236460Sbostic 26337692Sbostic endpwent(); 26437692Sbostic 26543663Sbostic /* if user not super-user, check for disabled logins */ 26650274Sbostic if (!rootlogin) 26743663Sbostic checknologin(); 26843663Sbostic 26936515Sbostic if (chdir(pwd->pw_dir) < 0) { 27050274Sbostic (void)printf("No home directory %s!\n", pwd->pw_dir); 27136515Sbostic if (chdir("/")) 27236515Sbostic exit(0); 27336515Sbostic pwd->pw_dir = "/"; 27437203Sbostic (void)printf("Logging in with home = \"/\".\n"); 27536515Sbostic } 27636515Sbostic 27737203Sbostic quietlog = access(_PATH_HUSHLOGIN, F_OK) == 0; 27837203Sbostic 27936880Sbostic if (pwd->pw_change || pwd->pw_expire) 28036880Sbostic (void)gettimeofday(&tp, (struct timezone *)NULL); 28136880Sbostic if (pwd->pw_change) 28236880Sbostic if (tp.tv_sec >= pwd->pw_change) { 28337203Sbostic (void)printf("Sorry -- your password has expired.\n"); 28436880Sbostic sleepexit(1); 28549957Skarels } else if (pwd->pw_change - tp.tv_sec < 28643660Sbostic 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) 28743660Sbostic (void)printf("Warning: your password expires on %s", 288*50719Sbostic ctime(&pwd->pw_change)); 28936880Sbostic if (pwd->pw_expire) 29036880Sbostic if (tp.tv_sec >= pwd->pw_expire) { 29137203Sbostic (void)printf("Sorry -- your account has expired.\n"); 29236880Sbostic sleepexit(1); 29349957Skarels } else if (pwd->pw_expire - tp.tv_sec < 29443660Sbostic 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) 29543660Sbostic (void)printf("Warning: your account expires on %s", 29643660Sbostic ctime(&pwd->pw_expire)); 29736880Sbostic 29836515Sbostic /* nothing else left to fail -- really log in */ 29936460Sbostic { 30036460Sbostic struct utmp utmp; 30136460Sbostic 30243653Sbostic bzero((void *)&utmp, sizeof(utmp)); 30336460Sbostic (void)time(&utmp.ut_time); 30436460Sbostic strncpy(utmp.ut_name, username, sizeof(utmp.ut_name)); 30536591Sbostic if (hostname) 30636591Sbostic strncpy(utmp.ut_host, hostname, sizeof(utmp.ut_host)); 30736460Sbostic strncpy(utmp.ut_line, tty, sizeof(utmp.ut_line)); 30836460Sbostic login(&utmp); 30936460Sbostic } 31036460Sbostic 31136549Sbostic dolastlog(quietlog); 31236460Sbostic 31336460Sbostic (void)chown(ttyn, pwd->pw_uid, 31436460Sbostic (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid); 31536460Sbostic (void)setgid(pwd->pw_gid); 31636460Sbostic 31736460Sbostic initgroups(username, pwd->pw_gid); 31836460Sbostic 31936515Sbostic if (*pwd->pw_shell == '\0') 32037203Sbostic pwd->pw_shell = _PATH_BSHELL; 32136515Sbostic 32236460Sbostic /* destroy environment unless user has requested preservation */ 32318549Ssam if (!pflag) 32418549Ssam environ = envinit; 32536515Sbostic (void)setenv("HOME", pwd->pw_dir, 1); 32636515Sbostic (void)setenv("SHELL", pwd->pw_shell, 1); 32718549Ssam if (term[0] == '\0') 32836647Skarels strncpy(term, stypeof(tty), sizeof(term)); 32936515Sbostic (void)setenv("TERM", term, 0); 33050249Sbostic (void)setenv("LOGNAME", pwd->pw_name, 1); 33136515Sbostic (void)setenv("USER", pwd->pw_name, 1); 33237252Sbostic (void)setenv("PATH", _PATH_DEFPATH, 0); 33349957Skarels #ifdef KERBEROS 33449957Skarels if (krbtkfile_env) 33549957Skarels (void)setenv("KRBTKFILE", krbtkfile_env, 1); 33649957Skarels #endif 33718549Ssam 33816453Sroot if (tty[sizeof("tty")-1] == 'd') 33918549Ssam syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name); 34044348Skarels /* if fflag is on, assume caller/authenticator has logged root login */ 34149957Skarels if (rootlogin && fflag == 0) 34236460Sbostic if (hostname) 34347685Skfall syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s", 34447685Skfall username, tty, hostname); 34525230Smckusick else 34647685Skfall syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s", username, tty); 34736460Sbostic 34843653Sbostic #ifdef KERBEROS 34943653Sbostic if (!quietlog && notickets == 1) 35043653Sbostic (void)printf("Warning: no Kerberos tickets issued.\n"); 35143653Sbostic #endif 35243653Sbostic 3536329Swnj if (!quietlog) { 35417664Sserge struct stat st; 35518549Ssam 35647437Skarels printf( 35747437Skarels "Copyright (c) 1980,1983,1986,1988,1990,1991 The Regents of the University\n%s", 35847437Skarels "of California. All rights reserved.\n\n"); 35936460Sbostic motd(); 36037203Sbostic (void)sprintf(tbuf, "%s/%s", _PATH_MAILDIR, pwd->pw_name); 36136460Sbostic if (stat(tbuf, &st) == 0 && st.st_size != 0) 36237203Sbostic (void)printf("You have %smail.\n", 36336460Sbostic (st.st_mtime > st.st_atime) ? "new " : ""); 3642822Swnj } 36536460Sbostic 36636460Sbostic (void)signal(SIGALRM, SIG_DFL); 36736460Sbostic (void)signal(SIGQUIT, SIG_DFL); 36836460Sbostic (void)signal(SIGINT, SIG_DFL); 36936460Sbostic (void)signal(SIGTSTP, SIG_IGN); 37036460Sbostic 37136460Sbostic tbuf[0] = '-'; 37236460Sbostic strcpy(tbuf + 1, (p = rindex(pwd->pw_shell, '/')) ? 37336460Sbostic p + 1 : pwd->pw_shell); 37437203Sbostic 37540009Ssklower if (setlogin(pwd->pw_name) < 0) 37640009Ssklower syslog(LOG_ERR, "setlogin() failure: %m"); 37737692Sbostic 37837203Sbostic /* discard permissions last so can't get killed and drop core */ 37949957Skarels if (rootlogin) 38047685Skfall (void) setuid(0); 38147685Skfall else 38249957Skarels (void) setuid(pwd->pw_uid); 38337203Sbostic 38436460Sbostic execlp(pwd->pw_shell, tbuf, 0); 38550274Sbostic (void)fprintf(stderr, "%s: %s\n", pwd->pw_shell, strerror(errno)); 38650274Sbostic exit(1); 3871043Sbill } 3881043Sbill 38947685Skfall #ifdef KERBEROS 39047685Skfall #define NBUFSIZ (UT_NAMESIZE + 1 + 5) /* .root suffix */ 39147685Skfall #else 39247685Skfall #define NBUFSIZ (UT_NAMESIZE + 1) 39347685Skfall #endif 39447685Skfall 39536460Sbostic getloginname() 39612687Ssam { 39736460Sbostic register int ch; 39849957Skarels register char *p; 39947685Skfall static char nbuf[NBUFSIZ]; 40012687Ssam 40136460Sbostic for (;;) { 40237203Sbostic (void)printf("login: "); 40336515Sbostic for (p = nbuf; (ch = getchar()) != '\n'; ) { 40436549Sbostic if (ch == EOF) { 40536549Sbostic badlogin(username); 40612687Ssam exit(0); 40736549Sbostic } 40847685Skfall if (p < nbuf + (NBUFSIZ - 1)) 40936460Sbostic *p++ = ch; 41012687Ssam } 41136460Sbostic if (p > nbuf) 41236460Sbostic if (nbuf[0] == '-') 41337203Sbostic (void)fprintf(stderr, 41436460Sbostic "login names may not start with '-'.\n"); 41536460Sbostic else { 41636460Sbostic *p = '\0'; 41736460Sbostic username = nbuf; 41836515Sbostic break; 41936460Sbostic } 42012687Ssam } 42112687Ssam } 42212687Ssam 42343653Sbostic void 42412687Ssam timedout() 42512687Ssam { 42637203Sbostic (void)fprintf(stderr, "Login timed out after %d seconds\n", timeout); 42712687Ssam exit(0); 42812687Ssam } 42912687Ssam 43036647Skarels rootterm(ttyn) 43136647Skarels char *ttyn; 4321043Sbill { 43336460Sbostic struct ttyent *t; 4346466Swnj 43536647Skarels return((t = getttynam(ttyn)) && t->ty_status&TTY_SECURE); 4361043Sbill } 4371043Sbill 43836515Sbostic jmp_buf motdinterrupt; 43936515Sbostic 44036460Sbostic motd() 4412822Swnj { 44236515Sbostic register int fd, nchars; 44338726Skfall sig_t oldint; 44446835Sbostic void sigint(); 44536515Sbostic char tbuf[8192]; 4462822Swnj 44737203Sbostic if ((fd = open(_PATH_MOTDFILE, O_RDONLY, 0)) < 0) 44836460Sbostic return; 44936460Sbostic oldint = signal(SIGINT, sigint); 45036515Sbostic if (setjmp(motdinterrupt) == 0) 45136515Sbostic while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 45236515Sbostic (void)write(fileno(stdout), tbuf, nchars); 45336460Sbostic (void)signal(SIGINT, oldint); 45436515Sbostic (void)close(fd); 45536460Sbostic } 45636460Sbostic 45746835Sbostic void 45836460Sbostic sigint() 45936460Sbostic { 46036515Sbostic longjmp(motdinterrupt, 1); 46136460Sbostic } 46236460Sbostic 46336460Sbostic checknologin() 46436460Sbostic { 46536460Sbostic register int fd, nchars; 46636515Sbostic char tbuf[8192]; 46736460Sbostic 46837203Sbostic if ((fd = open(_PATH_NOLOGIN, O_RDONLY, 0)) >= 0) { 46936460Sbostic while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 47036460Sbostic (void)write(fileno(stdout), tbuf, nchars); 47136460Sbostic sleepexit(0); 4722822Swnj } 4732822Swnj } 4742822Swnj 47536549Sbostic dolastlog(quiet) 47636460Sbostic int quiet; 4771043Sbill { 47836460Sbostic struct lastlog ll; 47936460Sbostic int fd; 48036880Sbostic char *ctime(); 4811043Sbill 48237203Sbostic if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) { 48336515Sbostic (void)lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), L_SET); 48436460Sbostic if (!quiet) { 48536460Sbostic if (read(fd, (char *)&ll, sizeof(ll)) == sizeof(ll) && 48636460Sbostic ll.ll_time != 0) { 48737203Sbostic (void)printf("Last login: %.*s ", 48836460Sbostic 24-5, (char *)ctime(&ll.ll_time)); 48936460Sbostic if (*ll.ll_host != '\0') 49037203Sbostic (void)printf("from %.*s\n", 49136460Sbostic sizeof(ll.ll_host), ll.ll_host); 49236460Sbostic else 49337203Sbostic (void)printf("on %.*s\n", 49436460Sbostic sizeof(ll.ll_line), ll.ll_line); 49536460Sbostic } 49636515Sbostic (void)lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), L_SET); 49736460Sbostic } 49843653Sbostic bzero((void *)&ll, sizeof(ll)); 49936460Sbostic (void)time(&ll.ll_time); 50036460Sbostic strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); 50136591Sbostic if (hostname) 50236591Sbostic strncpy(ll.ll_host, hostname, sizeof(ll.ll_host)); 50336460Sbostic (void)write(fd, (char *)&ll, sizeof(ll)); 50436460Sbostic (void)close(fd); 5051043Sbill } 5061043Sbill } 5071043Sbill 50836549Sbostic badlogin(name) 50936549Sbostic char *name; 51036549Sbostic { 51136647Skarels if (failures == 0) 51236549Sbostic return; 51345431Sbostic if (hostname) { 51445431Sbostic syslog(LOG_NOTICE, "%d LOGIN FAILURE%s FROM %s", 51545431Sbostic failures, failures > 1 ? "S" : "", hostname); 51645431Sbostic syslog(LOG_AUTHPRIV|LOG_NOTICE, 51745431Sbostic "%d LOGIN FAILURE%s FROM %s, %s", 51836647Skarels failures, failures > 1 ? "S" : "", hostname, name); 51945431Sbostic } else { 52045431Sbostic syslog(LOG_NOTICE, "%d LOGIN FAILURE%s ON %s", 52145431Sbostic failures, failures > 1 ? "S" : "", tty); 52245431Sbostic syslog(LOG_AUTHPRIV|LOG_NOTICE, 52345431Sbostic "%d LOGIN FAILURE%s ON %s, %s", 52436647Skarels failures, failures > 1 ? "S" : "", tty, name); 52545431Sbostic } 52636549Sbostic } 52736549Sbostic 5282822Swnj #undef UNKNOWN 52936460Sbostic #define UNKNOWN "su" 5301043Sbill 5311043Sbill char * 53236647Skarels stypeof(ttyid) 53336647Skarels char *ttyid; 5341043Sbill { 53536460Sbostic struct ttyent *t; 5361043Sbill 53736647Skarels return(ttyid && (t = getttynam(ttyid)) ? t->ty_type : UNKNOWN); 5381043Sbill } 5396005Swnj 54036460Sbostic sleepexit(eval) 54136460Sbostic int eval; 54226862Smckusick { 54336460Sbostic sleep((u_int)5); 54436460Sbostic exit(eval); 54526862Smckusick } 546