Upload Tizen:Base source

[framework/base/util-linux-ng.git] / login-utils / README.poeigl

README for init/getty/login, by poe@daimi.aau.dk

This package contains simpleinit, agetty, and login programs for Linux.
Additional utilities included are: hostname, who, write, wall, users
domainname, hostid, cage and mesg.

Most of this software has been contributed by others, I basically just
ported the things to Linux.

About installation: See the bottom of this file. Check the Makefile!
Be sure you know what you are doing! You may well be able to lock
yourself out from your machine. Especially: The init provided here
(simpleinit) is NOT a SYSV compatible init and the inittab format
is different.

If you are uncertain whether you got the latest version, check out

        ftp://ftp.daimi.aau.dk/pub/linux/poe/

Version 1.49 (20-Jun-97)
        Small patches for new util-linux distribution and glibc compat.
        PAM support in login.c by Erik Troan.

Version 1.48 (6-Jun-97)
        Now changes mode and owner of /dev/vcs devices for console logins.
        After idea by Andries Brouwer.

Version 1.47 (2-Apr-97)
        Got new version of hostid.c and hostid.1 from 
        Sander van Malssen <svm@kozmix.ow.nl>.
        Removed premature endutent() call in login.c, simpleinit.c and 
        agetty.c to be compatible with the changed semantics of gnu libc2. 
        Fix by Jesse Thilo <Jesse.Thilo@pobox.com>.

Version 1.46 (28-Jan-97)
        Several security fixes for login by David Holland (buffer overruns)
        <dholland@hcs.harvard.edu>
        Fixed write.c, to handle a terminating period correctly.
        Re-indented login.c, it was getting too messy.

Version 1.45a (16-Dec-96)
        Better support in login for shadow passwords. Compile with
        -DSHADOW_PWD if you have <shadow.h>. This is on by default.
        By Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>.
        Changed the wtmp locking scheme in login.c,agetty.c,simpleinit.c
        to flock() /etc/wtmplock instead of the wtmp file directly.
        This avoids a denial of service attack.
        Some support for the RB-1 Cryptocard token for challenge/response
        authentication. This needs a DES library, either Eric Young's
        libdes, or the Koontz implementation, see cryptocard.c.
        Initial support patch by Randolph Bentson, 
        <bentson@grieg.seaslug.org>
        Changed getpass() to use fputs() instead of fprintf().

Version 1.44 (13-Nov-96):
        Made isapty() in checktty.c more resilient to 2.0 systems
        that haven't re-MAKEDEV'ed their pty devices.

Version 1.43 (8-Nov-96):
        Fix to checktty.c: PTY's are numbered differently after 1.3,
        blush! Fix by Gerhard Schneider <gs@ilfb.tuwien.ac.at>

Version 1.42c (6-Nov-96):
        Small fix by Gabriel M. Schuyler <schuyler@easiest.com>, to get
        better syslog messages (1 LOGIN FAILURE instead of 2 LOGIN FAILURES).
        Patch butchered by me.

Version 1.42b (30-Sep-96):
        Got patch for checktty.c from Christoph Lameter
        <clameter@miriam.fuller.edu> so it doesn't traverse the groupfile
        "manually" but uses the getgroups() call, this is more efficient
        with large groupfiles and NIS/YP.

Version 1.42a (24-Sep-96):
        Added extra syslog() call to login.c to log all good logins.
        Patch from Steve Philp.

Version 1.41 (20-Jul-96):
        Added security fix to checktty.c by JDS to clear certain lists.
        Patches butchered and ANSI'fied by me.
        Added -n option to agetty to avoid the login prompt.

Version 1.40a (29-Dec-95):
        Added -f <issue_file> option to agetty. Patches from Eric Rasmussen
        <ear@usfirst.org>, but somewhat butchered by me.

Version 1.39 (25-Oct-95):
        Lots of testing and bugfixes in agetty. Now the modem init stuff 
        should finally work (for me). Also wrote modem.agetty as an example
        on how to use agetty with a modem.
        Agetty now also supports baud rates of 38400, 57600, 115200 and
        230400 bps.

Version 1.37 (15-Sep-95):
        Added -I <initstring> and -w options to agetty.c for those that
        use agetty with modems.

Version 1.36 (25-Aug-95): 
        Enhanced /etc/usertty features with group support. Moved this part
        of login.c to checktty.c. One can now define classes of hosts and
        ttys and do access checking based on unix-group membership. See
        login.1. Also time ranges for logins can be specified, for example
        writing the line

        joe     [mon:tue:wed:thu:fri:8-16]@barracuda [mon:tue:wed:thu:fri:0-7:17-23]@joes.pc.at.home [sat:sun:0-23]@joes.pc.at.home

        says that during working hours, Joe may rlogin from the host
        barracuda, whereas outside working hours and in weekends Joe may
        rlogin from his networked PC at home.

        login.c: failures was not properly initialized, it now is. Also
        made sure ALL failures are really logged to syslog.

Version 1.35 (7-Aug-95):
        login.c: Much improved features for the usertty file, allows
        access control based on both hostnames/addresses and line. See the 
        about.usertty file and the man-page.

        Fixed agetty so it doesn't fiddle with the ut_id field in the
        utmp record, this should prevent growing utmps on systems with
        more than 10 login lines. Fix suggested and checked by Alan Wendt 
        <alan@ezlink.com> in his agetty.1.9.1a.

        Agetty now installs as agetty again, not as getty.
        Updated man-page for login(1) to document /etc/usertty changes.

        This has been tested on Linux 1.2.5 with GCC 2.5.8 and libc 4.5.26.

Version 1.33a (20-Jun-95):
        rchatfie@cavern.nmsu.edu ("rc.") suggested that I should remove
        the #ifndef linux around the special logging of dial-up 
        logins. This is now done, so each login via a serial port 
        generates a separate DIALUP syslog entry.

Version 1.33 (5-Jun-95):
        Patch by Ron Sommeling <sommel@sci.kun.nl> and
        jlaiho@ichaos.nullnet.fi (Juha Laiho) for agetty.c, used
        to return a pointer to an automatic variable in get_logname().
        Many patches from or via Rickard Faith <faith@cs.unc.edu>, fixing
        man-pages etc, now defaults to using /var/log/wtmp and /var/run/utmp
        according to the new FSSTND.

        Fix in login.c for CPU eating bug when a remote telnet client dies
        while logging in.

        This is for Linux 1.2, GCC 2.6.2 or later.

Version 1.32b (12-Mar-95):
        Login now sets the tty group to "tty" instead of "other". Depending
        on compile-time define USE_TTY_GROUP the tty mode is set to 0620 or
        0600 instead of 0622. All as per suggestion by Rik Faith and the
        linux-security list.
        Write/wall now strips control chars except BEL (\007). Again after
        suggestion by Rik Faith.

Version 1.32a
        Urgent security patch from Alvaro M. Echevarria incorporated into
        login.c. This is really needed on machines running YP until
        the libraries are fixed.

Version 1.32
        Login now logs the ip-address of the connecting host to utmp as it
        should.

Version 1.31b (2-Feb-95):
        Daniel Quinlan <quinlan@yggdrasil.com> and Ross Biro 
        <biro@yggdrasil.com> suggested a patch to login.c that allows for 
        shell scripts in the shell field of /etc/passwd, so one can now
        have (as a line in /etc/passwd):
                bye::1000:1000:Outlogger:/bin:echo Bye
        Logging in as "bye" with no password simply echoes Bye on the screen.
        This has applications for pppd/slip.

Version 1.31a (28-Oct-94):
        Scott Telford provided a patch for simpleinit, so executing reboot
        from singleuser mode won't partially execute /etc/rc before
        the reboot.

Version 1.30 (17-Sep-94):
        tobias@server.et-inf.fho-emden.de (Peter Tobias) has made a more 
        advanced hostname command that understands some options such as
        -f for FQDN etc. I'll not duplicate his work. Use his hostname
        package if you wish.

        svm@kozmix.xs4all.nl (Sander van Malssen) provided more features
        for the /etc/issue file in agetty. \U and \u now expand to the 
        number of current users.

        It is now possible to state the value of TERM on the agetty command
        line. This was also provided by Sander.

        This has been built under Linux 1.1.42 with gcc 2.5.8 and libc 4.5.26.

Version 1.29 (18-Aug-94):
        Finally got around to making a real version after the numerous
        alpha versions of 1.28. Scott Telford <st@epcc.ed.ac.uk> provided
        a patch for write(1) to make it look more like BSD write.

        Fixed login so that the .hushlogin feature works even with real
        protective users mounted via NFS (ie. where root can't access
        the user's .hushlogin file).

        Cleaned up the code to make -Wall bearable.

Version 1.28c (21-Jul-94):
        Rik Faith reminded me that agetty should use the syslog
        facility. It now does.

Version 1.28b (30-May-94):
        On suggestion from Jeremy Fitzhardinge <jeremy@suite.sw.oz.au>
        I added -- as option delimiter on args passed from agetty to
        login. Fixes -froot hole for other login programs. The login
        program in this package never had that hole.

Version 1.28a (16-May-94):
        bill@goshawk.lanl.gov provided a couple of patches, one fixing
        terminal setup in agetty, and reboot is now supposed to be
        in /sbin according to FSSTND.

Version 1.27 (10-May-94):
        Changed login.c, so all bad login attempts are logged, and added
        usertty security feature. See about.usertty for an explanation.
        There's no longer a limit of 20 chars in the TERM environment 
        variable. Suggested by Nicolai Langfeldt <janl@math.uio.no>

        Added #ifdef HAVE_QUOTA around quota checks. Enable them if
        you have quota stuff in your libraries and kernel.
        Also re-enabled set/getpriority() calls as we now have them,
        and have had for a long time...

        Now wtmp is locked and unlocked around writes to avoid mangling.
        Due to Jaakko Hyv{tti <HYVATTI@cc.helsinki.fi>.

        Wrt. agetty: A \o in /etc/issue now inserts the domainname, as 
        set by domainname(1). Sander van Malssen provided this.
        This is being used under Linux 1.1.9

        Beefed up the agetty.8 man-page to describe the /etc/issue
        options. Added man-pages for wall, cage, who.

Version 1.26 alpha (25-Apr-94):
        Added patch from Bill Reynolds <bill@goshawk.lanl.gov> to 
        simpleinit, so it will drop into single user if /etc/rc
        fails, eg. from fsck.

Version 1.25 (9-Feb-94):
        Agetty should now work with the Linux 0.99pl15a kernel.
        ECHOCTL and ECHOPRT are no longer set in the termios struct.
        Also made agetty accept both "tty baudrate" and "baudrate tty"
        arguments.

Version 1.24 (23-Jan-94): changes since 1.22
        Christian von Roques <roques@juliet.ka.sub.org> provided a patch
        that cleans up the handling of the -L option on agetty. 
        Rik Faith <faith@cs.unc.edu> enhanced several man-pages...

Version 1.23 (11-Dec-93): changes since 1.21
        Mitchum DSouza provided the hostid(1) code. It needs libc 4.4.4 or
        later and a Linux 0.99.14 kernel or later. It can set and print
        the world unique hostid of the machine. This may be used in 
        connection with commercial software licenses. God forbid!
        I added the -v option, and munged the code a bit, so don't blame
        Mitch if you don't like it.

        I made the "cage" program. Using this as a shell in the passwd
        file, enables one to let users log into a chroot'ed environment.
        For those that have modem logins and are concerned about security.
        Read the source for further info.

        "who am i" now works.

        The login program works with Yellow Pages (aka NIS) simply by
        linking with an appropriate library containing a proper version
        of getpwnam() and friends.

Version 1.21 (30-Oct-93): changes since 1.20
        In simpleinit.c: The boottime wtmp record is now written *after*
        /etc/rc is run, to put a correct timestamp on it.
        Daniel Thumim <dthumim@mit.edu> suggested this fix.

        The source and Makefile is prepared for optional installation of 
        binaries in /sbin instead of /etc, and logfiles in /usr/adm instead
        of /etc. See and change the Makefile to suit your preferences.
        Rik Faith and Stephen Tweedie inspired this change.

Version 1.20 (30-Jul-93): changes since 1.17:
        Versions 1.18 and 1.19 were never made publically available.
        Agetty now supports a -L switch that makes it force the CLOCAL flag.
        This is useful if you have a local terminal attached with a partly
        wired serial cable that does not pass on the Carrier Detect signal.

        There's a domainname program like the hostname program; contributed
        by Lars Wirzenius.

        Simpleinit will now write a REBOOT record to wtmp on boot up. Time-
        zone support is now optional in simpleinit. Both of these patches
        were made by Scott Telford <st@epcc.ed.ac.uk>.

        This is for Linux 0.99.11 or later.

Version 1.17 (19-May-93): changes since 1.16:
        Login, simpleinit and write should now work with shadow passwords
        too. See the Makefile. Thanks to Anders Buch who let me have an
        account on his SLS based Linux box on the Internet, so I could test
        this. I should also thank jmorriso@rflab.ee.ubc.ca (John Paul Morrison)
        who sent me the shadow patch to login.c

Version 1.16 (24-Apr-93): changes since 1.15a:
        Simpleinit now clears the utmp entry associated with the pid's that
        it reaps if there is one. A few are still using simpleinit and this
        was a popular demand. It also appends an entry to wtmp

Version 1.15a (15-Mar-93): changes since 1.13a:
        junio@shadow.twinsun.com (Jun Hamano) sent me a one-line fix
        for occasional mangled issue-output from agetty.

Version 1.13a (2-Mar-93): changes since 1.12a:
        With the new LILO (0.9), there are more than one possible arg
        to init, so Werner Almesberger <almesber@bernina.ethz.ch>
        suggested that a loop over argv[] was made in boot_single() in
        simpleinit.c

Version 1.12a (24-Feb-93): changes since 1.11:
        This is for Linux 0.99.6 or later. Built with gcc 2.3.3 and libc4.2
        jrs@world.std.com (Rick Sladkey) told me that the setenv("TZ",..)
        in login.c did more harm than good, so I commented it out.

Version 1.11a (16-Feb-93): changes since 1.9a:
        This is for Linux 0.99.5 or later.
        Anthony Rumble <arumble@extro.ucc.su.OZ.AU> made me avare that
        the patches for vhangup() from Steven S. Dick didn't quite work,
        so I changed it.

        Linus Torvalds provided another patch relating to vhangup, since
        in newer Linuxen vhangup() doesn't really close all files, so we
        can't just open the tty's again.

Version 1.9a (18-Jan-93): changes since 1.8a:
        Rick Faith sent me man-pages for most of the untilities in this
        package. They are now included.

        Steven S. Dick <ssd@nevets.oau.org> sent me a patch for login.c
        so DTR won't drop during vhangup() on a modemline.

        This is completely untested!! I haven't even had the time to
        compile it yet.

Version 1.8a (13-Dec-92): changes since 1.7:
        This is for Linux 0.98.6 or later. Compiles with gcc2.2.2d7 and libc4.1

        Bettered write/wall after fix from I forget who. Now wall can have
        commandline args.

        Fixed bug in who.c

        Patched simpleinit.c with patch from Ed Carp, so it sets the timezone
        from /etc/TZ. Should probably by be /etc/timezone.

        Sander Van Malssen <sander@kozmix.hacktic.nl> provided a patch
        for getty, so it can understand certain escapecodes in /etc/issue.

        I hacked up a very simple substitute for a syslog() call, to try out
        the logging. If you have a real syslog() and syslogd then use that!

        The special vhangup.c file is out, it's in the official libc by now.
        (and even in the libc that I have :-)

        who, and write are now deprecated, get the better ones from one of
        the GNU packages, shellutils I think.

        Some people think that the simple init provided in this package is too
        spartan, if you think the same, then get the SYSV compatible init
        from Miquel van Smoorenburg <miquels@maestro.htsa.aha.nl>
        Simpleinit will probably be deprecated in the future.

Version 1.7: 26-Oct-92 changes since 1.6:
        This is for Linux 0.97PL4 or later.

        Thanks to Werner Almesberger, init now has support for a 
        singleuser mode. 

        Login now supports the -h <hostname> option, used in connection
        with TCP/IP. (rlogin/telnet)

        Getty writes an entry to /etc/wtmp when started, so last won't report
        "still logged in" for tty's that have not been logged into since
        the last user of that tty logged out. This patch was inspired by
        Mitchum DSouza. To gain the full benefit of this, get the newest
        last from the admutils-1.4.tar.Z package or later.

Version 1.6 (29-Aug-92): changes since 1.5:
        This is for Linux 0.97P1+ or later.
        
        Login now uses the newly implemented vhangup() sys-call, to prevent
        snooping on the tty.
        An alternative getpass() function is now provided with login, because
        I was told that the old one in libc didn't work with telnet and
        or rlogin. I don't have a network or a kernel with TCP/IP so I haven't
        tested the new one with telnet, but it is derived from BSD sources
        that are supposed to work with networking.

Version 1.5 (12-Aug-92): changes since 1.4
        This is for Linux 0.97 or later, and has been built with gcc2.2.2

        This release just puts in a few bugfixes in login.c and simpleinit.c

Version 1.4 (4-Jul-92): changes since 1.3:
        This is for Linux 0.96b, and has been built and tested with gcc 2.2.2.

        Init now handles the SIGINT signal. When init gets a SIGINT it will
        call /usr/bin/reboot and thereby gently reboot the machine. This
        makes sense because after Linux 0.96B-PL1 the key-combination
        Ctrl-Alt-Del may send a SIGINT to init instead of booting the 
        machine the hard way without syncing or anything.

        You may want to get the admutils-1.1 package which includes a program
        that will instruct the kernel to use the "gentle-reboot" procedure.

Version 1.3 (14-Jun-92): changes since 1.2:
        This is for Linux 0.96A.

        The ioctl(TIOCSWINSZ) has been removed from login.c because it now
        works :-).
        
        login.c now supports a lastlog database.

        Several programs and pieces of source that were included in the 1.2
        package has been *removed* as they are incorporated into the new
        libc. Other omitted parts such as last(1) has been replaced by
        better versions, and can be found in the admutils package.

        Agetty is now called getty and will be placed in /etc.

        A few changes has been made to make it possible to compile the
        stuff with GCC 2.x.

Version 1.2 (28-Feb-92): changes since 1.1:
        This is for Linux 0.12.

        A couple of problems with simpleinit.c has been solved, thanks to
        Humberto Zuazaga. So now init groks comments in /etc/inittab, and
        handles the HUP and TSTP signals properly.

        I added two small scripts to the distribution: users and mesg.

        TERM is now carried through from /etc/inittab all the way to the
        shell. Console tty's are special-cased, so the termcap entry in
        /etc/inittab is overridden by the setting given at boot-time.
        This requires a different patch to the kernel than that distributed
        with version 1.1

        Login no more sends superfluous chars from a password to the 
        shell. It also properly prints a NL after the password.

        Agetty didn't set the erase character properly, it does now.

        A few extra defines has been added to utmp.h

        Several netters helped discover the bugs in 1.1. Thanks to them
        all.

Version 1.1 (released 19-Feb-92): Changes since 1.0:
        A bug in simpleinit.c has been fixed, thanks to Pietro Castelli.
        The definition of the ut_line field has been changed to track the
        USG standard more closely, we now strip "/dev/" off the front.
        Thanks to: Douglas E. Quale and Stephen Gallimore.

        I have added a getlogin.c library routine, and a write(1) command.
        I removed the qpl-init stuff. If people want to use it, they should
        get it from the source. I don't want to hack on it anymore.

        A couple of people reported problems with getty having problems 
        with serial terminals. That was correct. I borrowed a null-modem
        from Tommy Thorn, and now the problems should be fixed. It seems
        that there is kept a lot of garbage in the serial buffers, flush
        them and it works like a charm. Getty does an ioctl(0, TCFLSH, 2)
        for this.

        The write.c code now doubles as code for a wall(1) program.

Description of the various files:

login.c         The login program. This is a portation of BSD login, first
                to HP-UX 8.0 by Michael Glad (glad@daimi.aau.dk), and
                to Linux (initially to 0.12) by me.

who.c           A simple who(1) util. to list utmp. Done by me.
                You may prefer the GNU who util. with more options
                and features.

hostname.c      A hostname(1) command to get and set the hostname. I did
                this too.

domainname.c    Like hostname, only reads out or sets the domainname.

agetty.c        The getty program. From comp.sources.misc, by W.Z. Venema.
                Hacked a bit by me.

simpleinit.c    A simple init program, written by me. Uses /etc/inittab

                A "kill -HUP" to init makes it re-read /etc/inittab.
                A "kill -TSTP" to init makes it stop spawning gettys on the
                ttys. A second "kill -TSTP" starts it again.
                A kill -INT to init makes it attempt a reboot of the machine.
                this works in connection with kernel support for softboot
                when Ctrl-Alt-Del is pressed.

                Init will start up in singleuser mode if /etc/singleboot
                exists at boottime, or if it is given an argument of "single"
                via eg. LILO. If /etc/securesingle exists it will ask for the
                root password before starting single user.

write.c         A write(1) command, used to pass messages between users
                at different terminals. This code doubles as code for 
                a wall(1) command. Make a symlink: /usr/bin/wall ->
                /usr/bin/write for this.

mesg            A tiny shellscript, so you can avoid that other people write
                to your shell.

users           Another script that uses awk(1) and tr(1) to process the
                output from who(1) into a one-liner.
                If you don't have awk, but have Perl, this does the same:

                who | perl -ane 'print "$F[0] "'; echo ""

pathnames.h:
                Header.

param.h
                Header, extended with getdtablesize() macro, should go
                in /usr/include/sys

Building.
---------
A "make all" should do. At least it does for me.

Installation:
-------------

login           should go in /bin, if you don't like this change
                pathnames.h and recompile at least agetty.

getty, init     Put them in SBINDIR

who, hostname, write, wall, mesg, users:
                /usr/bin

securetty       login needs this in /etc, defines which ttys that root
                can login on. This should *never* include ttys{1,2}

inittab         the simpleinit code needs this in /etc. Note that the syntax
                of /etc/inittab has little to do with the syntax of a real
                SysV inittab. Edit this one for your local setup.

shells          The chsh program will use this if it's placed in /etc. It
                defines the valid shell-programs. Have one abs. path on
                each line.

You can also do a "make install" as root, but don't just do it because I
say so, check the Makefile first.

"Make install" will install only the new binaries, and not motd, inittab,
securetty and issue. To install these configuration files, do a 
"make Install".

Getty requires a /dev/console to write errors to. I just made it a symlink
to /dev/tty1. Because of a bug in the tty driver this errorlogging may
cause the shell on tty1 to logout.

Getty will print the contents of /etc/issue if it's present before asking
for username. Login will print the contents of /etc/motd after successful
login. Login doesn't print /etc/motd, and doesn't check for mail if
~/.hushlogin is present and world readable.

If /etc/nologin is present then login will print its contents and disallow
any logins except root.
It might be a good idea to have a "rm -f /etc/nologin" line in one's 
/etc/rc file.

If /etc/securetty is present it defines which tty's that root can login on.

   - Peter (poe@daimi.aau.dk)