Description of problem: lastlog is not recorded with the big uid (>2147483647). 1569 /* open the file (using filemode) and seek to the login entry */ 1570 static int 1571 lastlog_openseek(struct logininfo *li, int *fd, int filemode) 1572 { ... 1600 if (type == LL_FILE) { 1601 /* find this uid's offset in the lastlog file */ 1602 offset = (off_t) ((long)li->uid * sizeof(struct lastlog)); 1603 1604 if (lseek(*fd, offset, SEEK_SET) != offset) { 1605 logit("%s: %s->lseek(): %s", __func__, 1606 lastlog_file, strerror(errno)); 1607 return (0); 1608 } When uid is 2147483648, offset is 18446743446644326400 at line 1602. uid = 2147483648 (0x80000000) (long)uid = 18446744071562067968 (0xFFFFFFFF80000000) As a result, offset becomes so big value, lseek fails, and lastlog is not recorded. lseek(9, 18446743446644326400, SEEK_SET) = -1 EINVAL (Invalid argument) Version-Release number of selected component (if applicable): openssh-4.3p2-41.el5 How reproducible: Always Steps to Reproduce: On sshd server, # useradd -u 2147483648 testuser # passwd testuser # lastlog <-- confirm "**Never logged in**" for testuser # ssh -l testuser localhost # lastlog <-- confirm still "**Never logged in**" Actual results: lastlog is not recorded for uid >2147483647 Expected results: lastlog is recorded for uid >2147483647 Additional info: I'll attach the proposed patch.
Created attachment 433130 [details] proposed patch
I confirmed that the patch fixed this problem. # lastlog -u testlast2 Username Port From Latest testlast2 **Never logged in** # id testlast2 uid=4294967293(testlast2) gid=4294967293(testlast2) groups=4294967293(testlast2) context=root:system_r:unconfined_t:SystemLow-SystemHigh # lastlog -u testlast2 Username Port From Latest testlast2 pts/2 test.nrt. Tue Jul 20 07:06:06 -0400 2010
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Due to the limitations of the data type that was used to store user identifier (UID), the lastlog record was not created for users with UID larger than 2147483647. With this update, this data type has been changed to unsigned long integer, and the /var/log/lastlog database is now updated as expected.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0018.html