143653Sbostic /*- 247437Skarels * Copyright (c) 1980, 1987, 1988, 1991 The Regents of the University 347437Skarels * of California. All rights reserved. 436515Sbostic * 543653Sbostic * %sccs.include.redist.c% 619843Sdist */ 719843Sdist 812678Ssam #ifndef lint 919843Sdist char copyright[] = 1047437Skarels "@(#) Copyright (c) 1980, 1987, 1988, 1991 The Regents of the University of California.\n\ 1119843Sdist All rights reserved.\n"; 1236515Sbostic #endif /* not lint */ 1312678Ssam 1419843Sdist #ifndef lint 15*53273Sbostic static char sccsid[] = "@(#)login.c 5.76 (Berkeley) 04/26/92"; 1636515Sbostic #endif /* not lint */ 1719843Sdist 181043Sbill /* 191043Sbill * login [ name ] 2031695Skarels * login -h hostname (for telnetd, etc.) 2131695Skarels * login -f name (for pre-authenticated login: datakit, xterm, etc.) 221043Sbill */ 231043Sbill 2412984Ssam #include <sys/param.h> 2512687Ssam #include <sys/stat.h> 2612687Ssam #include <sys/time.h> 2712687Ssam #include <sys/resource.h> 2816453Sroot #include <sys/file.h> 2912687Ssam 301043Sbill #include <utmp.h> 311043Sbill #include <signal.h> 3212678Ssam #include <errno.h> 3316453Sroot #include <ttyent.h> 3416453Sroot #include <syslog.h> 3526862Smckusick #include <grp.h> 3636460Sbostic #include <pwd.h> 3736515Sbostic #include <setjmp.h> 3836460Sbostic #include <stdio.h> 3942063Sbostic #include <string.h> 4037203Sbostic #include <tzfile.h> 4137203Sbostic #include "pathnames.h" 421043Sbill 4336460Sbostic #define TTYGRPNAME "tty" /* name of group to own ttys */ 4426862Smckusick 4512687Ssam /* 4636460Sbostic * This bounds the time given to login. Not a define so it can 4736460Sbostic * be patched on machines where it's too small. 4812687Ssam */ 4931509Sbostic int timeout = 300; 5049957Skarels int rootlogin; 5143653Sbostic #ifdef KERBEROS 5243653Sbostic int notickets = 1; 5349957Skarels char *instance; 5449957Skarels char *krbtkfile_env; 5549957Skarels int authok; 5643653Sbostic #endif 576005Swnj 5836647Skarels struct passwd *pwd; 5936647Skarels int failures; 6040490Sbostic char term[64], *envinit[1], *hostname, *username, *tty; 616005Swnj 621043Sbill main(argc, argv) 6336460Sbostic int argc; 6436460Sbostic char **argv; 651043Sbill { 6643653Sbostic extern int optind; 6736460Sbostic extern char *optarg, **environ; 6836880Sbostic struct timeval tp; 6936460Sbostic struct group *gr; 7036460Sbostic register int ch; 7136647Skarels register char *p; 7239271Skfall int ask, fflag, hflag, pflag, cnt, uid; 7344568Smarc int quietlog, rval; 7443653Sbostic char *domain, *salt, *ttyn; 7537692Sbostic char tbuf[MAXPATHLEN + 2], tname[sizeof(_PATH_TTY) + 10]; 7638034Skfall char localhost[MAXHOSTNAMELEN]; 7736880Sbostic char *ctime(), *ttyname(), *stypeof(), *crypt(), *getpass(); 7836460Sbostic time_t time(); 7936460Sbostic off_t lseek(); 8043653Sbostic void timedout(); 811043Sbill 8236460Sbostic (void)signal(SIGALRM, timedout); 8336460Sbostic (void)alarm((u_int)timeout); 8436460Sbostic (void)signal(SIGQUIT, SIG_IGN); 8536460Sbostic (void)signal(SIGINT, SIG_IGN); 8636460Sbostic (void)setpriority(PRIO_PROCESS, 0, 0); 8736460Sbostic 8842502Sbostic openlog("login", LOG_ODELAY, LOG_AUTH); 8942502Sbostic 9012687Ssam /* 9118549Ssam * -p is used by getty to tell login not to destroy the environment 9231695Skarels * -f is used to skip a second login authentication 9336523Skarels * -h is used by other servers to pass the name of the remote 9436523Skarels * host to login so that it may be placed in utmp and wtmp 9512687Ssam */ 9638034Skfall domain = NULL; 9738034Skfall if (gethostname(localhost, sizeof(localhost)) < 0) 9838034Skfall syslog(LOG_ERR, "couldn't get local hostname: %m"); 9938034Skfall else 10038034Skfall domain = index(localhost, '.'); 10136460Sbostic 10237203Sbostic fflag = hflag = pflag = 0; 10339271Skfall uid = getuid(); 10437203Sbostic while ((ch = getopt(argc, argv, "fh:p")) != EOF) 10536515Sbostic switch (ch) { 10636460Sbostic case 'f': 10736460Sbostic fflag = 1; 10836460Sbostic break; 10936460Sbostic case 'h': 11039271Skfall if (uid) { 11137203Sbostic (void)fprintf(stderr, 11250174Sbostic "login: -h option: %s\n", strerror(EPERM)); 11332313Sbostic exit(1); 11431695Skarels } 11536460Sbostic hflag = 1; 11636460Sbostic if (domain && (p = index(optarg, '.')) && 11736553Sbostic strcasecmp(p, domain) == 0) 11836460Sbostic *p = 0; 11936460Sbostic hostname = optarg; 12036460Sbostic break; 12136460Sbostic case 'p': 12218549Ssam pflag = 1; 12336460Sbostic break; 12436460Sbostic case '?': 12536460Sbostic default: 12639271Skfall if (!uid) 12739271Skfall syslog(LOG_ERR, "invalid flag %c", ch); 12837203Sbostic (void)fprintf(stderr, 12950274Sbostic "usage: login [-fp] [-h hostname] [username]\n"); 13036460Sbostic exit(1); 13118549Ssam } 13236460Sbostic argc -= optind; 13336460Sbostic argv += optind; 13436549Sbostic if (*argv) { 13536647Skarels username = *argv; 13636549Sbostic ask = 0; 13736647Skarels } else 13836549Sbostic ask = 1; 13936460Sbostic 14036460Sbostic for (cnt = getdtablesize(); cnt > 2; cnt--) 14136460Sbostic close(cnt); 14236460Sbostic 1431043Sbill ttyn = ttyname(0); 14437692Sbostic if (ttyn == NULL || *ttyn == '\0') { 14537692Sbostic (void)sprintf(tname, "%s??", _PATH_TTY); 14637692Sbostic ttyn = tname; 14737692Sbostic } 14836460Sbostic if (tty = rindex(ttyn, '/')) 14936460Sbostic ++tty; 15036460Sbostic else 15116453Sroot tty = ttyn; 15236460Sbostic 15336549Sbostic for (cnt = 0;; ask = 1) { 15436549Sbostic if (ask) { 15536515Sbostic fflag = 0; 15636460Sbostic getloginname(); 15736515Sbostic } 158*53273Sbostic rootlogin = 0; 15949957Skarels #ifdef KERBEROS 16049957Skarels if ((instance = index(username, '.')) != NULL) { 16149957Skarels if (strncmp(instance, ".root", 5) == 0) 162*53273Sbostic rootlogin = 1; 16349957Skarels *instance++ = '\0'; 164*53273Sbostic } else 16549957Skarels instance = ""; 16649957Skarels #endif 16749957Skarels if (strlen(username) > UT_NAMESIZE) 16849957Skarels username[UT_NAMESIZE] = '\0'; 16949957Skarels 17036647Skarels /* 17139271Skfall * Note if trying multiple user names; log failures for 17239271Skfall * previous user name, but don't bother logging one failure 17336647Skarels * for nonexistent name (mistyped username). 17436647Skarels */ 17536647Skarels if (failures && strcmp(tbuf, username)) { 17636647Skarels if (failures > (pwd ? 0 : 1)) 17736549Sbostic badlogin(tbuf); 17836647Skarels failures = 0; 17936549Sbostic } 18036647Skarels (void)strcpy(tbuf, username); 18143659Sbostic 18236515Sbostic if (pwd = getpwnam(username)) 18336515Sbostic salt = pwd->pw_passwd; 18443659Sbostic else 18543659Sbostic salt = "xx"; 18636460Sbostic 18712687Ssam /* 18843674Sbostic * if we have a valid account name, and it doesn't have a 18943674Sbostic * password, or the -f option was specified and the caller 19043674Sbostic * is root or the caller isn't changing their uid, don't 19143674Sbostic * authenticate. 19212687Ssam */ 19343674Sbostic if (pwd && (*pwd->pw_passwd == '\0' || 19443674Sbostic fflag && (uid == 0 || uid == pwd->pw_uid))) 19536460Sbostic break; 19644348Skarels fflag = 0; 19749957Skarels if (pwd && pwd->pw_uid == 0) 19849957Skarels rootlogin = 1; 19912687Ssam 20049957Skarels (void)setpriority(PRIO_PROCESS, 0, -4); 20149957Skarels 20249957Skarels p = getpass("Password:"); 20349957Skarels 20449957Skarels if (pwd) { 20549957Skarels #ifdef KERBEROS 20649957Skarels rval = klogin(pwd, instance, localhost, p); 20749957Skarels if (rval == 0) 20849957Skarels authok = 1; 209*53273Sbostic else if (rval == 1) 21049957Skarels rval = strcmp(crypt(p, salt), pwd->pw_passwd); 21149957Skarels #else 21249957Skarels rval = strcmp(crypt(p, salt), pwd->pw_passwd); 21349957Skarels #endif 21449957Skarels } 21549957Skarels bzero(p, strlen(p)); 21649957Skarels 21749957Skarels (void)setpriority(PRIO_PROCESS, 0, 0); 21849957Skarels 21939271Skfall /* 22049957Skarels * If trying to log in as root without Kerberos, 22149957Skarels * but with insecure terminal, refuse the login attempt. 22239271Skfall */ 22349957Skarels #ifdef KERBEROS 22449957Skarels if (authok == 0) 22549957Skarels #endif 22649957Skarels if (pwd && rootlogin && !rootterm(tty)) { 22739271Skfall (void)fprintf(stderr, 22839271Skfall "%s login refused on this terminal.\n", 22939271Skfall pwd->pw_name); 23039271Skfall if (hostname) 23139271Skfall syslog(LOG_NOTICE, 23239271Skfall "LOGIN %s REFUSED FROM %s ON TTY %s", 23339271Skfall pwd->pw_name, hostname, tty); 23439271Skfall else 23539271Skfall syslog(LOG_NOTICE, 23639271Skfall "LOGIN %s REFUSED ON TTY %s", 23739271Skfall pwd->pw_name, tty); 23839271Skfall continue; 23939271Skfall } 24039271Skfall 24143659Sbostic if (pwd && !rval) 24236460Sbostic break; 24336460Sbostic 24443659Sbostic (void)printf("Login incorrect\n"); 24536647Skarels failures++; 24636549Sbostic /* we allow 10 tries, but after 3 we start backing off */ 24736549Sbostic if (++cnt > 3) { 24836549Sbostic if (cnt >= 10) { 24936549Sbostic badlogin(username); 25036549Sbostic sleepexit(1); 25136549Sbostic } 25236549Sbostic sleep((u_int)((cnt - 3) * 5)); 2532822Swnj } 25436460Sbostic } 2551043Sbill 25636460Sbostic /* committed to login -- turn off timeout */ 25736460Sbostic (void)alarm((u_int)0); 25836460Sbostic 25937692Sbostic endpwent(); 26037692Sbostic 26143663Sbostic /* if user not super-user, check for disabled logins */ 26250274Sbostic if (!rootlogin) 26343663Sbostic checknologin(); 26443663Sbostic 26536515Sbostic if (chdir(pwd->pw_dir) < 0) { 26650274Sbostic (void)printf("No home directory %s!\n", pwd->pw_dir); 26736515Sbostic if (chdir("/")) 26836515Sbostic exit(0); 26936515Sbostic pwd->pw_dir = "/"; 27037203Sbostic (void)printf("Logging in with home = \"/\".\n"); 27136515Sbostic } 27236515Sbostic 27337203Sbostic quietlog = access(_PATH_HUSHLOGIN, F_OK) == 0; 27437203Sbostic 27536880Sbostic if (pwd->pw_change || pwd->pw_expire) 27636880Sbostic (void)gettimeofday(&tp, (struct timezone *)NULL); 27736880Sbostic if (pwd->pw_change) 27836880Sbostic if (tp.tv_sec >= pwd->pw_change) { 27937203Sbostic (void)printf("Sorry -- your password has expired.\n"); 28036880Sbostic sleepexit(1); 28149957Skarels } else if (pwd->pw_change - tp.tv_sec < 28243660Sbostic 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) 28343660Sbostic (void)printf("Warning: your password expires on %s", 28450719Sbostic ctime(&pwd->pw_change)); 28536880Sbostic if (pwd->pw_expire) 28636880Sbostic if (tp.tv_sec >= pwd->pw_expire) { 28737203Sbostic (void)printf("Sorry -- your account has expired.\n"); 28836880Sbostic sleepexit(1); 28949957Skarels } else if (pwd->pw_expire - tp.tv_sec < 29043660Sbostic 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) 29143660Sbostic (void)printf("Warning: your account expires on %s", 29243660Sbostic ctime(&pwd->pw_expire)); 29336880Sbostic 29436515Sbostic /* nothing else left to fail -- really log in */ 29536460Sbostic { 29636460Sbostic struct utmp utmp; 29736460Sbostic 29843653Sbostic bzero((void *)&utmp, sizeof(utmp)); 29936460Sbostic (void)time(&utmp.ut_time); 30036460Sbostic strncpy(utmp.ut_name, username, sizeof(utmp.ut_name)); 30136591Sbostic if (hostname) 30236591Sbostic strncpy(utmp.ut_host, hostname, sizeof(utmp.ut_host)); 30336460Sbostic strncpy(utmp.ut_line, tty, sizeof(utmp.ut_line)); 30436460Sbostic login(&utmp); 30536460Sbostic } 30636460Sbostic 30736549Sbostic dolastlog(quietlog); 30836460Sbostic 30936460Sbostic (void)chown(ttyn, pwd->pw_uid, 31036460Sbostic (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid); 31136460Sbostic (void)setgid(pwd->pw_gid); 31236460Sbostic 31336460Sbostic initgroups(username, pwd->pw_gid); 31436460Sbostic 31536515Sbostic if (*pwd->pw_shell == '\0') 31637203Sbostic pwd->pw_shell = _PATH_BSHELL; 31736515Sbostic 31836460Sbostic /* destroy environment unless user has requested preservation */ 31918549Ssam if (!pflag) 32018549Ssam environ = envinit; 32136515Sbostic (void)setenv("HOME", pwd->pw_dir, 1); 32236515Sbostic (void)setenv("SHELL", pwd->pw_shell, 1); 32318549Ssam if (term[0] == '\0') 32436647Skarels strncpy(term, stypeof(tty), sizeof(term)); 32536515Sbostic (void)setenv("TERM", term, 0); 32650249Sbostic (void)setenv("LOGNAME", pwd->pw_name, 1); 32736515Sbostic (void)setenv("USER", pwd->pw_name, 1); 32837252Sbostic (void)setenv("PATH", _PATH_DEFPATH, 0); 32949957Skarels #ifdef KERBEROS 33049957Skarels if (krbtkfile_env) 33149957Skarels (void)setenv("KRBTKFILE", krbtkfile_env, 1); 33249957Skarels #endif 33318549Ssam 33416453Sroot if (tty[sizeof("tty")-1] == 'd') 33518549Ssam syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name); 33644348Skarels /* if fflag is on, assume caller/authenticator has logged root login */ 33749957Skarels if (rootlogin && fflag == 0) 33836460Sbostic if (hostname) 33947685Skfall syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s", 34047685Skfall username, tty, hostname); 34125230Smckusick else 34247685Skfall syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s", username, tty); 34336460Sbostic 34443653Sbostic #ifdef KERBEROS 34543653Sbostic if (!quietlog && notickets == 1) 34643653Sbostic (void)printf("Warning: no Kerberos tickets issued.\n"); 34743653Sbostic #endif 34843653Sbostic 3496329Swnj if (!quietlog) { 35017664Sserge struct stat st; 35118549Ssam 35247437Skarels printf( 35347437Skarels "Copyright (c) 1980,1983,1986,1988,1990,1991 The Regents of the University\n%s", 35447437Skarels "of California. All rights reserved.\n\n"); 35536460Sbostic motd(); 35637203Sbostic (void)sprintf(tbuf, "%s/%s", _PATH_MAILDIR, pwd->pw_name); 35736460Sbostic if (stat(tbuf, &st) == 0 && st.st_size != 0) 35837203Sbostic (void)printf("You have %smail.\n", 35936460Sbostic (st.st_mtime > st.st_atime) ? "new " : ""); 3602822Swnj } 36136460Sbostic 36236460Sbostic (void)signal(SIGALRM, SIG_DFL); 36336460Sbostic (void)signal(SIGQUIT, SIG_DFL); 36436460Sbostic (void)signal(SIGINT, SIG_DFL); 36536460Sbostic (void)signal(SIGTSTP, SIG_IGN); 36636460Sbostic 36736460Sbostic tbuf[0] = '-'; 36836460Sbostic strcpy(tbuf + 1, (p = rindex(pwd->pw_shell, '/')) ? 36936460Sbostic p + 1 : pwd->pw_shell); 37037203Sbostic 37140009Ssklower if (setlogin(pwd->pw_name) < 0) 37240009Ssklower syslog(LOG_ERR, "setlogin() failure: %m"); 37337692Sbostic 374*53273Sbostic /* Discard permissions last so can't get killed and drop core. */ 37549957Skarels if (rootlogin) 37647685Skfall (void) setuid(0); 37747685Skfall else 37849957Skarels (void) setuid(pwd->pw_uid); 37937203Sbostic 38036460Sbostic execlp(pwd->pw_shell, tbuf, 0); 38150274Sbostic (void)fprintf(stderr, "%s: %s\n", pwd->pw_shell, strerror(errno)); 38250274Sbostic exit(1); 3831043Sbill } 3841043Sbill 38547685Skfall #ifdef KERBEROS 38647685Skfall #define NBUFSIZ (UT_NAMESIZE + 1 + 5) /* .root suffix */ 38747685Skfall #else 38847685Skfall #define NBUFSIZ (UT_NAMESIZE + 1) 38947685Skfall #endif 39047685Skfall 39136460Sbostic getloginname() 39212687Ssam { 39336460Sbostic register int ch; 39449957Skarels register char *p; 39547685Skfall static char nbuf[NBUFSIZ]; 39612687Ssam 39736460Sbostic for (;;) { 39837203Sbostic (void)printf("login: "); 39936515Sbostic for (p = nbuf; (ch = getchar()) != '\n'; ) { 40036549Sbostic if (ch == EOF) { 40136549Sbostic badlogin(username); 40212687Ssam exit(0); 40336549Sbostic } 40447685Skfall if (p < nbuf + (NBUFSIZ - 1)) 40536460Sbostic *p++ = ch; 40612687Ssam } 40736460Sbostic if (p > nbuf) 40836460Sbostic if (nbuf[0] == '-') 40937203Sbostic (void)fprintf(stderr, 41036460Sbostic "login names may not start with '-'.\n"); 41136460Sbostic else { 41236460Sbostic *p = '\0'; 41336460Sbostic username = nbuf; 41436515Sbostic break; 41536460Sbostic } 41612687Ssam } 41712687Ssam } 41812687Ssam 41943653Sbostic void 42012687Ssam timedout() 42112687Ssam { 42237203Sbostic (void)fprintf(stderr, "Login timed out after %d seconds\n", timeout); 42312687Ssam exit(0); 42412687Ssam } 42512687Ssam 42636647Skarels rootterm(ttyn) 42736647Skarels char *ttyn; 4281043Sbill { 42936460Sbostic struct ttyent *t; 4306466Swnj 43136647Skarels return((t = getttynam(ttyn)) && t->ty_status&TTY_SECURE); 4321043Sbill } 4331043Sbill 43436515Sbostic jmp_buf motdinterrupt; 43536515Sbostic 43636460Sbostic motd() 4372822Swnj { 43836515Sbostic register int fd, nchars; 43938726Skfall sig_t oldint; 44046835Sbostic void sigint(); 44136515Sbostic char tbuf[8192]; 4422822Swnj 44337203Sbostic if ((fd = open(_PATH_MOTDFILE, O_RDONLY, 0)) < 0) 44436460Sbostic return; 44536460Sbostic oldint = signal(SIGINT, sigint); 44636515Sbostic if (setjmp(motdinterrupt) == 0) 44736515Sbostic while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 44836515Sbostic (void)write(fileno(stdout), tbuf, nchars); 44936460Sbostic (void)signal(SIGINT, oldint); 45036515Sbostic (void)close(fd); 45136460Sbostic } 45236460Sbostic 45346835Sbostic void 45436460Sbostic sigint() 45536460Sbostic { 45636515Sbostic longjmp(motdinterrupt, 1); 45736460Sbostic } 45836460Sbostic 45936460Sbostic checknologin() 46036460Sbostic { 46136460Sbostic register int fd, nchars; 46236515Sbostic char tbuf[8192]; 46336460Sbostic 46437203Sbostic if ((fd = open(_PATH_NOLOGIN, O_RDONLY, 0)) >= 0) { 46536460Sbostic while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 46636460Sbostic (void)write(fileno(stdout), tbuf, nchars); 46736460Sbostic sleepexit(0); 4682822Swnj } 4692822Swnj } 4702822Swnj 47136549Sbostic dolastlog(quiet) 47236460Sbostic int quiet; 4731043Sbill { 47436460Sbostic struct lastlog ll; 47536460Sbostic int fd; 47636880Sbostic char *ctime(); 4771043Sbill 47837203Sbostic if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) { 47936515Sbostic (void)lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), L_SET); 48036460Sbostic if (!quiet) { 48136460Sbostic if (read(fd, (char *)&ll, sizeof(ll)) == sizeof(ll) && 48236460Sbostic ll.ll_time != 0) { 48337203Sbostic (void)printf("Last login: %.*s ", 48436460Sbostic 24-5, (char *)ctime(&ll.ll_time)); 48536460Sbostic if (*ll.ll_host != '\0') 48637203Sbostic (void)printf("from %.*s\n", 48736460Sbostic sizeof(ll.ll_host), ll.ll_host); 48836460Sbostic else 48937203Sbostic (void)printf("on %.*s\n", 49036460Sbostic sizeof(ll.ll_line), ll.ll_line); 49136460Sbostic } 49236515Sbostic (void)lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), L_SET); 49336460Sbostic } 49443653Sbostic bzero((void *)&ll, sizeof(ll)); 49536460Sbostic (void)time(&ll.ll_time); 49636460Sbostic strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); 49736591Sbostic if (hostname) 49836591Sbostic strncpy(ll.ll_host, hostname, sizeof(ll.ll_host)); 49936460Sbostic (void)write(fd, (char *)&ll, sizeof(ll)); 50036460Sbostic (void)close(fd); 5011043Sbill } 5021043Sbill } 5031043Sbill 50436549Sbostic badlogin(name) 50536549Sbostic char *name; 50636549Sbostic { 50736647Skarels if (failures == 0) 50836549Sbostic return; 50945431Sbostic if (hostname) { 51045431Sbostic syslog(LOG_NOTICE, "%d LOGIN FAILURE%s FROM %s", 51145431Sbostic failures, failures > 1 ? "S" : "", hostname); 51245431Sbostic syslog(LOG_AUTHPRIV|LOG_NOTICE, 51345431Sbostic "%d LOGIN FAILURE%s FROM %s, %s", 51436647Skarels failures, failures > 1 ? "S" : "", hostname, name); 51545431Sbostic } else { 51645431Sbostic syslog(LOG_NOTICE, "%d LOGIN FAILURE%s ON %s", 51745431Sbostic failures, failures > 1 ? "S" : "", tty); 51845431Sbostic syslog(LOG_AUTHPRIV|LOG_NOTICE, 51945431Sbostic "%d LOGIN FAILURE%s ON %s, %s", 52036647Skarels failures, failures > 1 ? "S" : "", tty, name); 52145431Sbostic } 52236549Sbostic } 52336549Sbostic 5242822Swnj #undef UNKNOWN 52536460Sbostic #define UNKNOWN "su" 5261043Sbill 5271043Sbill char * 52836647Skarels stypeof(ttyid) 52936647Skarels char *ttyid; 5301043Sbill { 53136460Sbostic struct ttyent *t; 5321043Sbill 53336647Skarels return(ttyid && (t = getttynam(ttyid)) ? t->ty_type : UNKNOWN); 5341043Sbill } 5356005Swnj 53636460Sbostic sleepexit(eval) 53736460Sbostic int eval; 53826862Smckusick { 53936460Sbostic sleep((u_int)5); 54036460Sbostic exit(eval); 54126862Smckusick } 542