Commit

Adding logging of SSH_ORIGINAL_COMMAND to nologin.
If SSH_ORIGINAL_COMMAND is set, it will be added to the syslog entry.

Closes shadow-maint#123.

Changelog: (SEH squashed commit): Fixing indentation
Changelog: (SEH) break up long line
edneville authored and hallyn committed Jan 11, 2020
1 parent d7add53 commit 4c9ec2f
Showing 2 changed files with 9 additions and 1 deletion.
3 changes: 3 additions & 0 deletions man/nologin.8.xml
Expand Up @@ -72,6 +72,9 @@
<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>.
</para>
<para>
If <command>SSH_ORIGINAL_COMMAND</command> is populated it will be logged.
</para>
</refsect1>

<refsect1 id='see_also'>
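
Review bot: In the added para, SSH_ORIGINAL_COMMAND is marked up with the command element, but it is an environment variable, so DocBook's envar element is the fitting markup. The sentence could also say where the value is logged (the same syslog entry as the attempted login) and that it is supplied by the connecting SSH client, so that readers of the log treat that field as untrusted input.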
7 changes: 6 additions & 1 deletion src/nologin.c
Expand Up @@ -45,9 +45,14 @@ int main (void)
if (NULL == user) {
user = "UNKNOWN";
}

char *ssh_origcmd = getenv("SSH_ORIGINAL_COMMAND");
uid = getuid (); /* getuid() is always successful */
openlog ("nologin", LOG_CONS, LOG_AUTH);
syslog (LOG_CRIT, "Attempted login by %s (UID: %d) on %s", user, uid, tty);
syslog (LOG_CRIT, "Attempted login by %s (UID: %d) on %s%s%s",
user, uid, tty,
(ssh_origcmd ? " SSH_ORIGINAL_COMMAND=" : ""),
(ssh_origcmd ? ssh_origcmd : ""));
closelog ();

printf ("%s", "This account is currently not available.\n");
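
Review bot: The value returned by getenv("SSH_ORIGINAL_COMMAND") is passed to the new syslog call through %s unmodified, and that string is whatever command the SSH client requested, so both its content and its length are chosen by the remote user. The format string itself is a fixed literal, which is good, but embedded newlines or other control characters in the value can yield split or misleading LOG_CRIT entries on syslog daemons that do not escape them, and a very long value can be truncated or crowd out the rest of the entry. Suggest replacing non-printable bytes and capping the length before logging. Two smaller points: the declaration of ssh_origcmd sits mid-function after the if block, so move it up if this file keeps declarations at the top of the block, and the pointer can be const char * since it is only read.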