2 * Copyright (c) 1989 - 1993, Julianne Frances Haugh
3 * Copyright (c) 1996 - 2000, Marek Michałkiewicz
4 * Copyright (c) 2002 - 2006, Tomasz Kłoczko
5 * Copyright (c) 2007 - 2008, Nicolas François
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. The name of the copyright holders or contributors may not be used to
17 * endorse or promote products derived from this software without
18 * specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
23 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
24 * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
25 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
26 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
27 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
28 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
29 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
41 #include <sys/types.h>
44 #include "exitcodes.h"
46 #include "prototypes.h"
50 static FILE *fail; /* failure file stream */
51 static uid_t user; /* one single user, specified on command line */
52 static int days; /* number of days to consider for print command */
53 static time_t seconds; /* that number of days in seconds */
56 aflg = false, /* set if all users are to be printed always */
57 uflg = false, /* set if user is a valid user id */
58 tflg = false; /* print is restricted to most recent days */
60 static struct stat statbuf; /* fstat buffer for file size */
62 #define NOW (time((time_t *) 0))
64 static void usage (void)
66 fputs (_("Usage: faillog [options]\n"
69 " -a, --all display faillog records for all users\n"
70 " -h, --help display this help message and exit\n"
71 " -l, --lock-time SEC after failed login lock accout to SEC seconds\n"
72 " -m, --maximum MAX set maximum failed login counters to MAX\n"
73 " -r, --reset reset the counters of login failures\n"
74 " -t, --time DAYS display faillog records more recent than DAYS\n"
75 " -u, --user LOGIN display faillog record or maintains failure\n"
76 " counters and limits (if used with -r, -m or -l\n"
77 " options) only for user with LOGIN\n"
82 static void print_one (const struct faillog *fl, uid_t uid)
84 static bool once = false;
95 puts (_("Login Failures Maximum Latest On\n"));
98 pwent = getpwuid (uid); /* local, no need for xgetpwuid */
100 tm = localtime (&fl->fail_time);
102 strftime (ptime, sizeof (ptime), "%D %H:%M:%S %z", tm);
106 printf ("%-9s %5d %5d ",
107 pwent->pw_name, fl->fail_cnt, fl->fail_max);
108 if ((time_t) 0 != fl->fail_time) {
109 /* FIXME: cp is not defined ifndef HAVE_STRFTIME */
110 printf ("%s %s", cp, fl->fail_line);
111 if (0 != fl->fail_locktime) {
112 if ( ((fl->fail_time+fl->fail_locktime) > now)
113 && (0 != fl->fail_cnt)) {
114 printf (_(" [%lds left]"),
116 fl->fail_locktime - now);
118 printf (_(" [%lds lock]"),
127 static int reset_one (uid_t uid)
130 struct faillog faillog;
132 offset = uid * sizeof faillog;
133 if (fstat (fileno (fail), &statbuf) != 0) {
134 perror (FAILLOG_FILE);
137 if (offset >= statbuf.st_size) {
141 if (fseeko (fail, offset, SEEK_SET) != 0) {
142 perror (FAILLOG_FILE);
145 if (fread ((char *) &faillog, sizeof faillog, 1, fail) != 1) {
146 if (feof (fail) == 0) {
147 perror (FAILLOG_FILE);
152 if (0 == faillog.fail_cnt) {
153 return 1; /* don't fill in no holes ... */
156 faillog.fail_cnt = 0;
158 if ( (fseeko (fail, offset, SEEK_SET) == 0)
159 && (fwrite ((char *) &faillog, sizeof faillog, 1, fail) == 1)) {
163 perror (FAILLOG_FILE);
168 static void reset (void)
175 struct passwd *pwent;
178 while ( (pwent = getpwent ()) != NULL ) {
179 reset_one (pwent->pw_uid);
185 static void print (void)
189 struct faillog faillog;
192 offset = user * sizeof faillog;
193 if (fstat (fileno (fail), &statbuf) != 0) {
194 perror (FAILLOG_FILE);
197 if (offset >= statbuf.st_size) {
201 fseeko (fail, (off_t) user * sizeof faillog, SEEK_SET);
202 if (fread ((char *) &faillog, sizeof faillog, 1, fail) == 1)
203 print_one (&faillog, user);
205 perror (FAILLOG_FILE);
208 fread ((char *) &faillog, sizeof faillog, 1, fail) == 1;
211 if (!aflg && (0 == faillog.fail_cnt)) {
216 ((NOW - faillog.fail_time) > seconds)) {
220 if (aflg && (0 == faillog.fail_time)) {
224 print_one (&faillog, uid);
229 static void setmax_one (uid_t uid, int max)
232 struct faillog faillog;
234 offset = uid * sizeof faillog;
236 if (fseeko (fail, offset, SEEK_SET) != 0) {
237 perror (FAILLOG_FILE);
240 if (fread ((char *) &faillog, sizeof faillog, 1, fail) != 1) {
241 if (feof (fail) == 0) {
242 perror (FAILLOG_FILE);
244 memzero (&faillog, sizeof faillog);
246 faillog.fail_max = max;
248 if (fseeko (fail, offset, SEEK_SET) == 0
249 && fwrite ((char *) &faillog, sizeof faillog, 1, fail) == 1) {
252 perror (FAILLOG_FILE);
256 static void setmax (int max)
258 struct passwd *pwent;
261 setmax_one (user, max);
264 while ( (pwent = getpwent ()) != NULL ) {
265 setmax_one (pwent->pw_uid, max);
271 static void set_locktime_one (uid_t uid, long locktime)
274 struct faillog faillog;
276 offset = uid * sizeof faillog;
278 if (fseeko (fail, offset, SEEK_SET) != 0) {
279 perror (FAILLOG_FILE);
282 if (fread ((char *) &faillog, sizeof faillog, 1, fail) != 1) {
283 if (feof (fail) == 0) {
284 perror (FAILLOG_FILE);
286 memzero (&faillog, sizeof faillog);
288 faillog.fail_locktime = locktime;
290 if (fseeko (fail, offset, SEEK_SET) == 0
291 && fwrite ((char *) &faillog, sizeof faillog, 1, fail) == 1) {
294 perror (FAILLOG_FILE);
299 * XXX - this needs to be written properly some day, right now it is
300 * a quick cut-and-paste hack from the above two functions. --marekm
302 static void set_locktime (long locktime)
304 struct passwd *pwent;
307 set_locktime_one (user, locktime);
310 while ( (pwent = getpwent ()) != NULL ) {
311 set_locktime_one (pwent->pw_uid, locktime);
317 int main (int argc, char **argv)
319 bool anyflag = false;
321 (void) setlocale (LC_ALL, "");
322 (void) bindtextdomain (PACKAGE, LOCALEDIR);
323 (void) textdomain (PACKAGE);
325 /* try to open for read/write, if that fails - read only */
326 fail = fopen (FAILLOG_FILE, "r+");
328 fail = fopen (FAILLOG_FILE, "r");
331 perror (FAILLOG_FILE);
336 int option_index = 0;
338 static struct option long_options[] = {
339 {"all", no_argument, NULL, 'a'},
340 {"help", no_argument, NULL, 'h'},
341 {"lock-secs", required_argument, NULL, 'l'},
342 {"maximum", required_argument, NULL, 'm'},
343 {"reset", no_argument, NULL, 'r'},
344 {"time", required_argument, NULL, 't'},
345 {"user", required_argument, NULL, 'u'},
346 {NULL, 0, NULL, '\0'}
350 getopt_long (argc, argv, "ahl:m:rt:u:",
351 long_options, &option_index)) != -1) {
363 set_locktime ((long) atoi (optarg));
367 setmax (atoi (optarg));
375 days = atoi (optarg);
376 seconds = days * DAY;
381 struct passwd *pwent;
386 /* local, no need for xgetpwnam */
387 pwent = getpwnam (optarg);
390 _("Unknown User: %s\n"),
395 user = pwent->pw_uid;
404 /* no flags implies -a -p (= print information for all users) */
405 if (!(anyflag || aflg || tflg || uflg)) {
408 /* (-a or -t days or -u user) and no other flags implies -p
409 (= print information for selected users) */
410 if (!anyflag && (aflg || tflg || uflg)) {