tty login sessions do not correctly get updated in /var/run/utmp
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu minimal desktop |
Invalid
|
Low
|
Unassigned | ||
Util-Linux-ng |
New
|
Undecided
|
Unassigned | ||
shadow (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
sysvinit (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
upstart (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: login util-linux (getty) ? coreutils (who) ?
The list of programs which rely on utmp may be very long, the one of those which modify it is shorter but as I am not into base sysadmin I do not know exactly.
It is best to list the steps to reproduce:
1) from X go to tty2 CTRL+ALT+F2 and login (me as user tst)
2) logout from tty2 (with `exit`)
3) go to tty1 and login (again me as user tst)
4) then I check the list of (active) sessions (with some common admin commands)
From this I can clearly see that /var/run/utmp does not get correctly updated, while /var/log/wtmp yes, so programs which rely on utmp file only may get misleaded..
Follows ouput from some test command (after the above steps):
==> w
04:02:44 up 11:54, 3 users, load average: 0,88, 1,02, 1,00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
tst tty1 - 03:52 9:35 0.62s 0.37s -bash
tst :0 - 16:09 ?xdm? 28:10 0.13s /bin/sh /opt/kde3/
==> who
tst tty1 2010-04-30 03:52
tst :0 2010-04-29 16:09
==> last -f /var/run/utmp
tst :0 Thu Apr 29 16:09 still logged in
tst tty1 Fri Apr 30 03:52 still logged in
tst tty2 Fri Apr 30 03:51 gone - no logout
reboot system boot 2.6.32-21-generi Thu Apr 29 16:08 - 04:02 (11:53)
utmp begins Thu Apr 29 16:08:55 2010
==> last -f /var/log/wtmp |head -5
tst tty1 Fri Apr 30 03:52 still logged in
tst tty1 Fri Apr 30 03:52 - 03:52 (00:00)
tst tty2 Fri Apr 30 03:51 - 03:52 (00:00)
tst tty2 Fri Apr 30 03:51 - 03:51 (00:00)
tst :0 Thu Apr 29 16:09 still logged in
==> pgrep tty
root 928 899 8 Apr29 tty8 00:59:07 /usr/bin/X -br -nolisten tcp :0 vt8 -auth /var/run/
root 1053 1 0 Apr29 tty4 00:00:00 /sbin/getty -8 38400 tty4
root 1057 1 0 Apr29 tty5 00:00:00 /sbin/getty -8 38400 tty5
root 1081 1 0 Apr29 tty3 00:00:00 /sbin/getty -8 38400 tty3
root 1083 1 0 Apr29 tty6 00:00:00 /sbin/getty -8 38400 tty6
root 2459 1 0 Apr29 tty1 00:00:00 /bin/login --
root 19513 1 0 03:52 tty2 00:00:00 /sbin/getty -8 38400 tty2
tst 19630 2459 0 03:52 tty1 00:00:00 -bash
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: login 1:4.1.4.2-1ubuntu2
ProcVersionSign
Uname: Linux 2.6.32-21-generic i686
Architecture: i386
Date: Fri Apr 30 03:55:57 2010
InstallationMedia: Kubuntu 9.10 "Karmic Koala" - Beta i386 (20090929.2)
ProcEnviron:
PATH=(custom, user)
LANG=it_IT.UTF-8
SHELL=/bin/bash
SourcePackage: shadow
Notes:
1) I do not have byoybu enabled on the user account profile
2) I did not make any change to the init for ttys (ie getty -8 38400 ttyX)
3) This seems to occur only on logout event, that utmp does not get correctly updated, on login it may reflect reality instead.
Changed in shadow (Ubuntu): | |
status: | New → Invalid |
description: | updated |
tags: | added: getty login utmp wtmp |
summary: |
- tty login session do not correctly get updated + tty login sessions do not correctly get updated in /var/run/utmp |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
Changed in util-linux-ng: | |
status: | New → Confirmed |
Changed in util-linux-ng: | |
status: | Confirmed → New |
I am not completely aware of a security implication of this bug, but possibly the non correct update of utmp by (?) program would lead to some race condition and may be security bug in other applications.
I just tagged security, to draw dev attentions, becuase it could be server related, too.