Bug 218626 - "last -ad" print junk in last column
"last -ad" print junk in last column
Product: Fedora
Classification: Fedora
Component: gnome-terminal (Show other bugs)
x86_64 Linux
medium Severity medium
: ---
: ---
Assigned To: Behdad Esfahbod
Depends On:
Blocks: 218988
  Show dependency treegraph
Reported: 2006-12-06 10:44 EST by Wolfgang Rupprecht
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-12-12 15:43:56 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
patch (1.41 KB, patch)
2006-12-08 16:49 EST, Behdad Esfahbod
no flags Details | Diff

  None (edit)
Description Wolfgang Rupprecht 2006-12-06 10:44:44 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20061107 Fedora/ Firefox/

Description of problem:
bash-3.1$ last -ad -10
wolfgang pts/3        Wed Dec  6 07:28   still logged in
wolfgang pts/1        Wed Dec  6 07:11   still logged in
wolfgang :0           Wed Dec  6 07:11   still logged in
wolfgang pts/1        Tue Dec  5 22:24 - 23:48  (01:23)
wolfgang pts/1        Tue Dec  5 20:09 - 21:43  (01:34)
wolfgang pts/1        Tue Dec  5 18:33 - 20:07  (01:34)
wolfgang pts/0        Tue Dec  5 16:34 - 17:52  (01:17)
alison   pts/1        Tue Dec  5 15:13 - 16:41  (01:27)
wolfgang pts/5        Tue Dec  5 14:14 - 17:52  (03:37)     cpe-76-188-12-0.neo.res.rr.com

wtmp begins Fri Dec  1 05:42:03 2006

notice the random-numbers presented as IP addresses in the last field.  I suspect either an uninitialized/uncleared struct element or last isn't 
correctly suppressing  this printing upon seeing that it was a local login.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.type "last -ad -10" on the local machine.
2.look at last column of output
3.scratch head and wonder if one really took a trip around the world and forgot    about it.

Actual Results:
The list of hosts printed in the last column don't correspond to any known legit logins.

Expected Results:
last column should be empty for local xterms etc.

Additional info:
environment: standard gdm / X11 logins with multiple gnu terminals used.
perhaps gnu terminal startup registers the startup with utmp/wtmp incorreclty.
Comment 1 Bill Nottingham 2006-12-06 11:50:43 EST
This is a bug in programs that write to the utmp/wtmp file. See
sysvinit-2.86-timeval.patch; there's a similar patch in util-linux. Are you
using gnome-terminal, xterm, or something else?
Comment 2 Wolfgang Rupprecht 2006-12-06 11:56:39 EST
I'm using gnome-terminal and have just confirmed that what I'm seeing is a direct
result of a new gnome-terminal being created. 
Comment 3 Bill Nottingham 2006-12-06 12:22:35 EST
Assigning to gnome-terminal; might actually be vte, not sure.
Comment 4 Behdad Esfahbod 2006-12-06 17:30:45 EST
The bug is in gnome-pty-helper that is part of vte.
Should it just print for local logins or what?
Comment 5 Wolfgang Rupprecht 2006-12-06 17:51:09 EST
If it is possible to suppres the output for local logins that would be less
confusing for the user. implies that ipv4 was somehow involved.

Come to think of it, "ssh ::" has a similar problem.  It claims the connection 
came from "" instead of "::".
Comment 6 Bill Nottingham 2006-12-07 12:10:33 EST
Theoretically, if the bug is fixed, it will have, as that's the data in
the utmp file (all zeroes). I suppose there could be some special casing in last
for, but it's really just converting the raw utmp data into an ip address.
Comment 7 Behdad Esfahbod 2006-12-07 18:26:44 EST
gnome-pty-helper doesn't seem to try to write the ip address at all.  Can
someone who can reproduce this problem valgrind it?  I'll give it a try on a
x86_64 machine.  Seems to be related.
Comment 8 Bill Nottingham 2006-12-07 18:30:39 EST
It's not the ip addr.

The utmp field is (from bits/utmp.h):

    int32_t tv_sec;             /* Seconds.  */
    int32_t tv_usec;            /* Microseconds.  */
  } ut_tv;  

If you write a raw struct timeval in there, on x86_64, it overflows into the
next field:

  int32_t ut_addr_v6[4];        /* Internet address of remote host.  */

which gives you garbage.
Comment 9 Bill Nottingham 2006-12-07 18:32:27 EST
So, instead of:

        gettimeofday ((struct timeval*) &put.ut_tv, NULL);

you need something like:

struct timeval tv;
gettimeofday(&tv, NULL);
put.ut_tv.tv_sec = tv.tv_sec;
put.ut_tv.tv_usec = tv.tv_usec.

Comment 10 Behdad Esfahbod 2006-12-07 18:34:25 EST
Thanks for tracking down!
Comment 11 Behdad Esfahbod 2006-12-08 16:49:03 EST
Created attachment 143195 [details]

patch committed upstream.
Comment 12 Fedora Update System 2006-12-08 18:32:56 EST
vte-0.14.1-1.fc6 has been pushed for fc6, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.
Comment 13 Fedora Update System 2006-12-12 11:13:25 EST
vte-0.14.1-1.fc6 has been pushed for fc6, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.
Comment 14 Behdad Esfahbod 2006-12-12 15:24:11 EST
Can someone confirm that the updates fixes this, and close?
Comment 15 Wolfgang Rupprecht 2006-12-12 15:27:16 EST
I can confirm that the fix in vte-0.14.1-1.fc6 works.

bash-3.1$ last -4 -ad
wolfgang pts/4        Tue Dec 12 12:26   still logged in
wolfgang pts/4        Tue Dec 12 10:37 - 11:31  (00:54)
wolfgang pts/4        Tue Dec 12 10:09 - 10:19  (00:10)
wolfgang pts/4        Tue Dec 12 10:08 - 10:09  (00:00)

wtmp begins Fri Dec  1 05:42:03 2006
Comment 16 Behdad Esfahbod 2006-12-12 15:43:56 EST

Note You need to log in before you can comment on or make changes to this bug.