143653Sbostic /*- 247437Skarels * Copyright (c) 1980, 1987, 1988, 1991 The Regents of the University 347437Skarels * of California. All rights reserved. 436515Sbostic * 543653Sbostic * %sccs.include.redist.c% 619843Sdist */ 719843Sdist 812678Ssam #ifndef lint 919843Sdist char copyright[] = 1047437Skarels "@(#) Copyright (c) 1980, 1987, 1988, 1991 The Regents of the University of California.\n\ 1119843Sdist All rights reserved.\n"; 1236515Sbostic #endif /* not lint */ 1312678Ssam 1419843Sdist #ifndef lint 15*53274Sbostic static char sccsid[] = "@(#)login.c 5.77 (Berkeley) 04/26/92"; 1636515Sbostic #endif /* not lint */ 1719843Sdist 181043Sbill /* 191043Sbill * login [ name ] 2031695Skarels * login -h hostname (for telnetd, etc.) 2131695Skarels * login -f name (for pre-authenticated login: datakit, xterm, etc.) 221043Sbill */ 231043Sbill 2412984Ssam #include <sys/param.h> 2512687Ssam #include <sys/stat.h> 2612687Ssam #include <sys/time.h> 2712687Ssam #include <sys/resource.h> 2816453Sroot #include <sys/file.h> 2912687Ssam 301043Sbill #include <signal.h> 3116453Sroot #include <ttyent.h> 3216453Sroot #include <syslog.h> 33*53274Sbostic #include <setjmp.h> 34*53274Sbostic #include <tzfile.h> 35*53274Sbostic #include <utmp.h> 36*53274Sbostic #include <errno.h> 3726862Smckusick #include <grp.h> 3836460Sbostic #include <pwd.h> 39*53274Sbostic #include <unistd.h> 4036460Sbostic #include <stdio.h> 41*53274Sbostic #include <stdlib.h> 4242063Sbostic #include <string.h> 4337203Sbostic #include "pathnames.h" 441043Sbill 45*53274Sbostic void badlogin __P((char *)); 46*53274Sbostic void checknologin __P((void)); 47*53274Sbostic void dolastlog __P((int)); 48*53274Sbostic void getloginname __P((void)); 49*53274Sbostic void motd __P((void)); 50*53274Sbostic int rootterm __P((char *)); 51*53274Sbostic void sigint __P((int)); 52*53274Sbostic void sleepexit __P((int)); 53*53274Sbostic char *stypeof __P((char *)); 54*53274Sbostic void timedout __P((int)); 55*53274Sbostic 5636460Sbostic #define TTYGRPNAME "tty" /* name of group to own ttys */ 5726862Smckusick 5812687Ssam /* 5936460Sbostic * This bounds the time given to login. Not a define so it can 6036460Sbostic * be patched on machines where it's too small. 6112687Ssam */ 6231509Sbostic int timeout = 300; 63*53274Sbostic 6443653Sbostic #ifdef KERBEROS 6543653Sbostic int notickets = 1; 6649957Skarels char *instance; 6749957Skarels char *krbtkfile_env; 6849957Skarels int authok; 6943653Sbostic #endif 706005Swnj 7136647Skarels struct passwd *pwd; 7236647Skarels int failures; 7340490Sbostic char term[64], *envinit[1], *hostname, *username, *tty; 746005Swnj 75*53274Sbostic int 761043Sbill main(argc, argv) 7736460Sbostic int argc; 78*53274Sbostic char *argv[]; 791043Sbill { 80*53274Sbostic extern char **environ; 8136460Sbostic register int ch; 8236647Skarels register char *p; 83*53274Sbostic struct group *gr; 84*53274Sbostic struct stat st; 85*53274Sbostic struct timeval tp; 86*53274Sbostic struct utmp utmp; 87*53274Sbostic int ask, cnt, fflag, hflag, pflag, quietlog, rootlogin, rval, uid; 8843653Sbostic char *domain, *salt, *ttyn; 8937692Sbostic char tbuf[MAXPATHLEN + 2], tname[sizeof(_PATH_TTY) + 10]; 9038034Skfall char localhost[MAXHOSTNAMELEN]; 911043Sbill 9236460Sbostic (void)signal(SIGALRM, timedout); 9336460Sbostic (void)alarm((u_int)timeout); 9436460Sbostic (void)signal(SIGQUIT, SIG_IGN); 9536460Sbostic (void)signal(SIGINT, SIG_IGN); 9636460Sbostic (void)setpriority(PRIO_PROCESS, 0, 0); 9736460Sbostic 9842502Sbostic openlog("login", LOG_ODELAY, LOG_AUTH); 9942502Sbostic 10012687Ssam /* 10118549Ssam * -p is used by getty to tell login not to destroy the environment 10231695Skarels * -f is used to skip a second login authentication 10336523Skarels * -h is used by other servers to pass the name of the remote 10436523Skarels * host to login so that it may be placed in utmp and wtmp 10512687Ssam */ 10638034Skfall domain = NULL; 10738034Skfall if (gethostname(localhost, sizeof(localhost)) < 0) 10838034Skfall syslog(LOG_ERR, "couldn't get local hostname: %m"); 10938034Skfall else 11038034Skfall domain = index(localhost, '.'); 11136460Sbostic 11237203Sbostic fflag = hflag = pflag = 0; 11339271Skfall uid = getuid(); 11437203Sbostic while ((ch = getopt(argc, argv, "fh:p")) != EOF) 11536515Sbostic switch (ch) { 11636460Sbostic case 'f': 11736460Sbostic fflag = 1; 11836460Sbostic break; 11936460Sbostic case 'h': 12039271Skfall if (uid) { 12137203Sbostic (void)fprintf(stderr, 12250174Sbostic "login: -h option: %s\n", strerror(EPERM)); 12332313Sbostic exit(1); 12431695Skarels } 12536460Sbostic hflag = 1; 12636460Sbostic if (domain && (p = index(optarg, '.')) && 12736553Sbostic strcasecmp(p, domain) == 0) 12836460Sbostic *p = 0; 12936460Sbostic hostname = optarg; 13036460Sbostic break; 13136460Sbostic case 'p': 13218549Ssam pflag = 1; 13336460Sbostic break; 13436460Sbostic case '?': 13536460Sbostic default: 13639271Skfall if (!uid) 13739271Skfall syslog(LOG_ERR, "invalid flag %c", ch); 13837203Sbostic (void)fprintf(stderr, 13950274Sbostic "usage: login [-fp] [-h hostname] [username]\n"); 14036460Sbostic exit(1); 14118549Ssam } 14236460Sbostic argc -= optind; 14336460Sbostic argv += optind; 144*53274Sbostic 14536549Sbostic if (*argv) { 14636647Skarels username = *argv; 14736549Sbostic ask = 0; 14836647Skarels } else 14936549Sbostic ask = 1; 15036460Sbostic 15136460Sbostic for (cnt = getdtablesize(); cnt > 2; cnt--) 152*53274Sbostic (void)close(cnt); 15336460Sbostic 154*53274Sbostic ttyn = ttyname(STDIN_FILENO); 15537692Sbostic if (ttyn == NULL || *ttyn == '\0') { 156*53274Sbostic (void)snprintf(tname, sizeof(tname), "%s??", _PATH_TTY); 15737692Sbostic ttyn = tname; 15837692Sbostic } 15936460Sbostic if (tty = rindex(ttyn, '/')) 16036460Sbostic ++tty; 16136460Sbostic else 16216453Sroot tty = ttyn; 16336460Sbostic 16436549Sbostic for (cnt = 0;; ask = 1) { 16536549Sbostic if (ask) { 16636515Sbostic fflag = 0; 16736460Sbostic getloginname(); 16836515Sbostic } 16953273Sbostic rootlogin = 0; 17049957Skarels #ifdef KERBEROS 17149957Skarels if ((instance = index(username, '.')) != NULL) { 17249957Skarels if (strncmp(instance, ".root", 5) == 0) 17353273Sbostic rootlogin = 1; 17449957Skarels *instance++ = '\0'; 17553273Sbostic } else 17649957Skarels instance = ""; 17749957Skarels #endif 17849957Skarels if (strlen(username) > UT_NAMESIZE) 17949957Skarels username[UT_NAMESIZE] = '\0'; 18049957Skarels 18136647Skarels /* 18239271Skfall * Note if trying multiple user names; log failures for 18339271Skfall * previous user name, but don't bother logging one failure 18436647Skarels * for nonexistent name (mistyped username). 18536647Skarels */ 18636647Skarels if (failures && strcmp(tbuf, username)) { 18736647Skarels if (failures > (pwd ? 0 : 1)) 18836549Sbostic badlogin(tbuf); 18936647Skarels failures = 0; 19036549Sbostic } 19136647Skarels (void)strcpy(tbuf, username); 19243659Sbostic 19336515Sbostic if (pwd = getpwnam(username)) 19436515Sbostic salt = pwd->pw_passwd; 19543659Sbostic else 19643659Sbostic salt = "xx"; 19736460Sbostic 19812687Ssam /* 19943674Sbostic * if we have a valid account name, and it doesn't have a 20043674Sbostic * password, or the -f option was specified and the caller 20143674Sbostic * is root or the caller isn't changing their uid, don't 20243674Sbostic * authenticate. 20312687Ssam */ 20443674Sbostic if (pwd && (*pwd->pw_passwd == '\0' || 20543674Sbostic fflag && (uid == 0 || uid == pwd->pw_uid))) 20636460Sbostic break; 20744348Skarels fflag = 0; 20849957Skarels if (pwd && pwd->pw_uid == 0) 20949957Skarels rootlogin = 1; 21012687Ssam 21149957Skarels (void)setpriority(PRIO_PROCESS, 0, -4); 21249957Skarels 21349957Skarels p = getpass("Password:"); 21449957Skarels 21549957Skarels if (pwd) { 21649957Skarels #ifdef KERBEROS 21749957Skarels rval = klogin(pwd, instance, localhost, p); 21849957Skarels if (rval == 0) 21949957Skarels authok = 1; 22053273Sbostic else if (rval == 1) 22149957Skarels rval = strcmp(crypt(p, salt), pwd->pw_passwd); 22249957Skarels #else 22349957Skarels rval = strcmp(crypt(p, salt), pwd->pw_passwd); 22449957Skarels #endif 22549957Skarels } 22649957Skarels bzero(p, strlen(p)); 22749957Skarels 22849957Skarels (void)setpriority(PRIO_PROCESS, 0, 0); 22949957Skarels 23039271Skfall /* 23149957Skarels * If trying to log in as root without Kerberos, 23249957Skarels * but with insecure terminal, refuse the login attempt. 23339271Skfall */ 23449957Skarels #ifdef KERBEROS 23549957Skarels if (authok == 0) 23649957Skarels #endif 23749957Skarels if (pwd && rootlogin && !rootterm(tty)) { 23839271Skfall (void)fprintf(stderr, 23939271Skfall "%s login refused on this terminal.\n", 24039271Skfall pwd->pw_name); 24139271Skfall if (hostname) 24239271Skfall syslog(LOG_NOTICE, 24339271Skfall "LOGIN %s REFUSED FROM %s ON TTY %s", 24439271Skfall pwd->pw_name, hostname, tty); 24539271Skfall else 24639271Skfall syslog(LOG_NOTICE, 24739271Skfall "LOGIN %s REFUSED ON TTY %s", 24839271Skfall pwd->pw_name, tty); 24939271Skfall continue; 25039271Skfall } 25139271Skfall 25243659Sbostic if (pwd && !rval) 25336460Sbostic break; 25436460Sbostic 25543659Sbostic (void)printf("Login incorrect\n"); 25636647Skarels failures++; 25736549Sbostic /* we allow 10 tries, but after 3 we start backing off */ 25836549Sbostic if (++cnt > 3) { 25936549Sbostic if (cnt >= 10) { 26036549Sbostic badlogin(username); 26136549Sbostic sleepexit(1); 26236549Sbostic } 26336549Sbostic sleep((u_int)((cnt - 3) * 5)); 2642822Swnj } 26536460Sbostic } 2661043Sbill 26736460Sbostic /* committed to login -- turn off timeout */ 26836460Sbostic (void)alarm((u_int)0); 26936460Sbostic 27037692Sbostic endpwent(); 27137692Sbostic 27243663Sbostic /* if user not super-user, check for disabled logins */ 27350274Sbostic if (!rootlogin) 27443663Sbostic checknologin(); 27543663Sbostic 27636515Sbostic if (chdir(pwd->pw_dir) < 0) { 27750274Sbostic (void)printf("No home directory %s!\n", pwd->pw_dir); 27836515Sbostic if (chdir("/")) 27936515Sbostic exit(0); 28036515Sbostic pwd->pw_dir = "/"; 28137203Sbostic (void)printf("Logging in with home = \"/\".\n"); 28236515Sbostic } 28336515Sbostic 28437203Sbostic quietlog = access(_PATH_HUSHLOGIN, F_OK) == 0; 28537203Sbostic 28636880Sbostic if (pwd->pw_change || pwd->pw_expire) 28736880Sbostic (void)gettimeofday(&tp, (struct timezone *)NULL); 28836880Sbostic if (pwd->pw_change) 28936880Sbostic if (tp.tv_sec >= pwd->pw_change) { 29037203Sbostic (void)printf("Sorry -- your password has expired.\n"); 29136880Sbostic sleepexit(1); 29249957Skarels } else if (pwd->pw_change - tp.tv_sec < 29343660Sbostic 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) 29443660Sbostic (void)printf("Warning: your password expires on %s", 29550719Sbostic ctime(&pwd->pw_change)); 29636880Sbostic if (pwd->pw_expire) 29736880Sbostic if (tp.tv_sec >= pwd->pw_expire) { 29837203Sbostic (void)printf("Sorry -- your account has expired.\n"); 29936880Sbostic sleepexit(1); 30049957Skarels } else if (pwd->pw_expire - tp.tv_sec < 30143660Sbostic 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) 30243660Sbostic (void)printf("Warning: your account expires on %s", 30343660Sbostic ctime(&pwd->pw_expire)); 30436880Sbostic 305*53274Sbostic /* Nothing else left to fail -- really log in. */ 306*53274Sbostic bzero((void *)&utmp, sizeof(utmp)); 307*53274Sbostic (void)time(&utmp.ut_time); 308*53274Sbostic strncpy(utmp.ut_name, username, sizeof(utmp.ut_name)); 309*53274Sbostic if (hostname) 310*53274Sbostic (void)strncpy(utmp.ut_host, hostname, sizeof(utmp.ut_host)); 311*53274Sbostic (void)strncpy(utmp.ut_line, tty, sizeof(utmp.ut_line)); 312*53274Sbostic login(&utmp); 31336460Sbostic 31436549Sbostic dolastlog(quietlog); 31536460Sbostic 31636460Sbostic (void)chown(ttyn, pwd->pw_uid, 31736460Sbostic (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid); 31836460Sbostic (void)setgid(pwd->pw_gid); 31936460Sbostic 32036460Sbostic initgroups(username, pwd->pw_gid); 32136460Sbostic 32236515Sbostic if (*pwd->pw_shell == '\0') 32337203Sbostic pwd->pw_shell = _PATH_BSHELL; 32436515Sbostic 325*53274Sbostic /* Destroy environment unless user has requested its preservation. */ 32618549Ssam if (!pflag) 32718549Ssam environ = envinit; 32836515Sbostic (void)setenv("HOME", pwd->pw_dir, 1); 32936515Sbostic (void)setenv("SHELL", pwd->pw_shell, 1); 33018549Ssam if (term[0] == '\0') 33136647Skarels strncpy(term, stypeof(tty), sizeof(term)); 33236515Sbostic (void)setenv("TERM", term, 0); 33350249Sbostic (void)setenv("LOGNAME", pwd->pw_name, 1); 33436515Sbostic (void)setenv("USER", pwd->pw_name, 1); 33537252Sbostic (void)setenv("PATH", _PATH_DEFPATH, 0); 33649957Skarels #ifdef KERBEROS 33749957Skarels if (krbtkfile_env) 33849957Skarels (void)setenv("KRBTKFILE", krbtkfile_env, 1); 33949957Skarels #endif 34018549Ssam 34116453Sroot if (tty[sizeof("tty")-1] == 'd') 34218549Ssam syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name); 343*53274Sbostic 344*53274Sbostic /* If fflag is on, assume caller/authenticator has logged root login. */ 34549957Skarels if (rootlogin && fflag == 0) 34636460Sbostic if (hostname) 34747685Skfall syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s", 34847685Skfall username, tty, hostname); 34925230Smckusick else 35047685Skfall syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s", username, tty); 35136460Sbostic 35243653Sbostic #ifdef KERBEROS 35343653Sbostic if (!quietlog && notickets == 1) 35443653Sbostic (void)printf("Warning: no Kerberos tickets issued.\n"); 35543653Sbostic #endif 35643653Sbostic 3576329Swnj if (!quietlog) { 358*53274Sbostic (void)printf( 35947437Skarels "Copyright (c) 1980,1983,1986,1988,1990,1991 The Regents of the University\n%s", 36047437Skarels "of California. All rights reserved.\n\n"); 36136460Sbostic motd(); 362*53274Sbostic (void)snprintf(tbuf, 363*53274Sbostic sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pwd->pw_name); 36436460Sbostic if (stat(tbuf, &st) == 0 && st.st_size != 0) 36537203Sbostic (void)printf("You have %smail.\n", 36636460Sbostic (st.st_mtime > st.st_atime) ? "new " : ""); 3672822Swnj } 36836460Sbostic 36936460Sbostic (void)signal(SIGALRM, SIG_DFL); 37036460Sbostic (void)signal(SIGQUIT, SIG_DFL); 37136460Sbostic (void)signal(SIGINT, SIG_DFL); 37236460Sbostic (void)signal(SIGTSTP, SIG_IGN); 37336460Sbostic 37436460Sbostic tbuf[0] = '-'; 375*53274Sbostic (void)strcpy(tbuf + 1, (p = rindex(pwd->pw_shell, '/')) ? 37636460Sbostic p + 1 : pwd->pw_shell); 37737203Sbostic 37840009Ssklower if (setlogin(pwd->pw_name) < 0) 37940009Ssklower syslog(LOG_ERR, "setlogin() failure: %m"); 38037692Sbostic 38153273Sbostic /* Discard permissions last so can't get killed and drop core. */ 38249957Skarels if (rootlogin) 38347685Skfall (void) setuid(0); 38447685Skfall else 38549957Skarels (void) setuid(pwd->pw_uid); 38637203Sbostic 38736460Sbostic execlp(pwd->pw_shell, tbuf, 0); 38850274Sbostic (void)fprintf(stderr, "%s: %s\n", pwd->pw_shell, strerror(errno)); 38950274Sbostic exit(1); 3901043Sbill } 3911043Sbill 39247685Skfall #ifdef KERBEROS 393*53274Sbostic #define NBUFSIZ (UT_NAMESIZE + 1 + 5) /* .root suffix */ 39447685Skfall #else 39547685Skfall #define NBUFSIZ (UT_NAMESIZE + 1) 39647685Skfall #endif 39747685Skfall 398*53274Sbostic void 39936460Sbostic getloginname() 40012687Ssam { 40136460Sbostic register int ch; 40249957Skarels register char *p; 40347685Skfall static char nbuf[NBUFSIZ]; 40412687Ssam 40536460Sbostic for (;;) { 40637203Sbostic (void)printf("login: "); 40736515Sbostic for (p = nbuf; (ch = getchar()) != '\n'; ) { 40836549Sbostic if (ch == EOF) { 40936549Sbostic badlogin(username); 41012687Ssam exit(0); 41136549Sbostic } 41247685Skfall if (p < nbuf + (NBUFSIZ - 1)) 41336460Sbostic *p++ = ch; 41412687Ssam } 41536460Sbostic if (p > nbuf) 41636460Sbostic if (nbuf[0] == '-') 41737203Sbostic (void)fprintf(stderr, 41836460Sbostic "login names may not start with '-'.\n"); 41936460Sbostic else { 42036460Sbostic *p = '\0'; 42136460Sbostic username = nbuf; 42236515Sbostic break; 42336460Sbostic } 42412687Ssam } 42512687Ssam } 42612687Ssam 427*53274Sbostic int 42836647Skarels rootterm(ttyn) 42936647Skarels char *ttyn; 4301043Sbill { 43136460Sbostic struct ttyent *t; 4326466Swnj 433*53274Sbostic return((t = getttynam(ttyn)) && t->ty_status & TTY_SECURE); 4341043Sbill } 4351043Sbill 43636515Sbostic jmp_buf motdinterrupt; 43736515Sbostic 438*53274Sbostic void 43936460Sbostic motd() 4402822Swnj { 44136515Sbostic register int fd, nchars; 44238726Skfall sig_t oldint; 44336515Sbostic char tbuf[8192]; 4442822Swnj 44537203Sbostic if ((fd = open(_PATH_MOTDFILE, O_RDONLY, 0)) < 0) 44636460Sbostic return; 44736460Sbostic oldint = signal(SIGINT, sigint); 44836515Sbostic if (setjmp(motdinterrupt) == 0) 44936515Sbostic while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 45036515Sbostic (void)write(fileno(stdout), tbuf, nchars); 45136460Sbostic (void)signal(SIGINT, oldint); 45236515Sbostic (void)close(fd); 45336460Sbostic } 45436460Sbostic 455*53274Sbostic /* ARGSUSED */ 45646835Sbostic void 457*53274Sbostic sigint(signo) 458*53274Sbostic int signo; 45936460Sbostic { 46036515Sbostic longjmp(motdinterrupt, 1); 46136460Sbostic } 46236460Sbostic 463*53274Sbostic /* ARGSUSED */ 464*53274Sbostic void 465*53274Sbostic timedout(signo) 466*53274Sbostic int signo; 467*53274Sbostic { 468*53274Sbostic (void)fprintf(stderr, "Login timed out after %d seconds\n", timeout); 469*53274Sbostic exit(0); 470*53274Sbostic } 471*53274Sbostic 472*53274Sbostic void 47336460Sbostic checknologin() 47436460Sbostic { 47536460Sbostic register int fd, nchars; 47636515Sbostic char tbuf[8192]; 47736460Sbostic 47837203Sbostic if ((fd = open(_PATH_NOLOGIN, O_RDONLY, 0)) >= 0) { 47936460Sbostic while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 48036460Sbostic (void)write(fileno(stdout), tbuf, nchars); 48136460Sbostic sleepexit(0); 4822822Swnj } 4832822Swnj } 4842822Swnj 485*53274Sbostic void 48636549Sbostic dolastlog(quiet) 48736460Sbostic int quiet; 4881043Sbill { 48936460Sbostic struct lastlog ll; 49036460Sbostic int fd; 4911043Sbill 49237203Sbostic if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) { 49336515Sbostic (void)lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), L_SET); 49436460Sbostic if (!quiet) { 49536460Sbostic if (read(fd, (char *)&ll, sizeof(ll)) == sizeof(ll) && 49636460Sbostic ll.ll_time != 0) { 49737203Sbostic (void)printf("Last login: %.*s ", 49836460Sbostic 24-5, (char *)ctime(&ll.ll_time)); 49936460Sbostic if (*ll.ll_host != '\0') 50037203Sbostic (void)printf("from %.*s\n", 50136460Sbostic sizeof(ll.ll_host), ll.ll_host); 50236460Sbostic else 50337203Sbostic (void)printf("on %.*s\n", 50436460Sbostic sizeof(ll.ll_line), ll.ll_line); 50536460Sbostic } 50636515Sbostic (void)lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), L_SET); 50736460Sbostic } 50843653Sbostic bzero((void *)&ll, sizeof(ll)); 50936460Sbostic (void)time(&ll.ll_time); 51036460Sbostic strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); 51136591Sbostic if (hostname) 51236591Sbostic strncpy(ll.ll_host, hostname, sizeof(ll.ll_host)); 51336460Sbostic (void)write(fd, (char *)&ll, sizeof(ll)); 51436460Sbostic (void)close(fd); 5151043Sbill } 5161043Sbill } 5171043Sbill 518*53274Sbostic void 51936549Sbostic badlogin(name) 52036549Sbostic char *name; 52136549Sbostic { 52236647Skarels if (failures == 0) 52336549Sbostic return; 52445431Sbostic if (hostname) { 52545431Sbostic syslog(LOG_NOTICE, "%d LOGIN FAILURE%s FROM %s", 52645431Sbostic failures, failures > 1 ? "S" : "", hostname); 52745431Sbostic syslog(LOG_AUTHPRIV|LOG_NOTICE, 52845431Sbostic "%d LOGIN FAILURE%s FROM %s, %s", 52936647Skarels failures, failures > 1 ? "S" : "", hostname, name); 53045431Sbostic } else { 53145431Sbostic syslog(LOG_NOTICE, "%d LOGIN FAILURE%s ON %s", 53245431Sbostic failures, failures > 1 ? "S" : "", tty); 53345431Sbostic syslog(LOG_AUTHPRIV|LOG_NOTICE, 53445431Sbostic "%d LOGIN FAILURE%s ON %s, %s", 53536647Skarels failures, failures > 1 ? "S" : "", tty, name); 53645431Sbostic } 53736549Sbostic } 53836549Sbostic 5392822Swnj #undef UNKNOWN 54036460Sbostic #define UNKNOWN "su" 5411043Sbill 5421043Sbill char * 54336647Skarels stypeof(ttyid) 54436647Skarels char *ttyid; 5451043Sbill { 54636460Sbostic struct ttyent *t; 5471043Sbill 54836647Skarels return(ttyid && (t = getttynam(ttyid)) ? t->ty_type : UNKNOWN); 5491043Sbill } 5506005Swnj 551*53274Sbostic void 55236460Sbostic sleepexit(eval) 55336460Sbostic int eval; 55426862Smckusick { 555*53274Sbostic (void)sleep((u_int)5); 55636460Sbostic exit(eval); 55726862Smckusick } 558