Does anyone know how to debug login record issues or who to talk to about login record issues? I am experiencing a weird issue described in bugzilla 140297 and I would like to debug it myself, but I don't seem to be able to find anyone to assist me with it.
Sean
Sean,
On Tue, 23 Nov 2004 22:41:10 -0800, Sean Bruno sean.bruno@dsl-only.net wrote:
Does anyone know how to debug login record issues or who to talk to about login record issues? I am experiencing a weird issue described in bugzilla 140297 and I would like to debug it myself, but I don't seem to be able to find anyone to assist me with it.
Lets see what I can remember about utmp/wtmp (Sorry, I'm using a desktop OS whose name starts with a "W", so all I can do is recall, I can't look it up).
* I may have the relative meanings of "utmp" and "wtmp" swapped-over below. * "Utmpx/wtmpx" is a Sun-originated extension of the "traditional" utmp/wtmp files (Same purposes, just more information/fatter fields or whatnot). * Utmp and Wtmp use the same record structure, they just use them in different ways (see next two points). * Utmp is a running log of user login history ("last" reads this) - everytime a log action (login/logout/reboot and a bunch of other odd things) happens it gets appended here. * Wtmp is a list of the current login state of each user and is read by "Who"/"w". The records are indexed by UID (e.g. user "Fred" with UID=1024 has their login state recorded at offset ( sizeof( utmp_record ) * 1024 ). * Utmp and wtmp use fixed-field-length strings (the kind of things that the el-stupido "strncpy()" function exists to deal with - viva el "strlcpy()"!). These have the perculiar property of being NUL-padded ('\0') if their content is smaller than the field and they are not NUL-terminated if the content is as-long-as or longer than the field. (This is probably an important clue).
If I were you, I'd work-up a program in language-of-your-choice (C, Python or Perl can do it for sure) to scan-through one record at a time and sanity-check the file that "who" reads (make sure it's wtmp - remember my first point above). As I also indicated above, the slightly anti-intuitive behaviour of strncpy() and the fields it produces might be a factor in the problem. Something could be inadvertantly adding an extra NUL character or overrunning a field somewhere (right after your listed logged-in user possibly). Or it could be the case that the ?tmp file is fine, but "who" is musjudging the data.
Happy hacking,
Moles.
desktop@lists.fedoraproject.org