Bug 831888 - virt-manger does not update wtmp information
virt-manger does not update wtmp information
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: virt-manager (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: virt-mgr-maint
Virtualization Bugs
Depends On:
  Show dependency treegraph
Reported: 2012-06-13 22:32 EDT by Rob Lowe
Modified: 2014-02-02 13:01 EST (History)
11 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2014-02-02 13:01:40 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Rob Lowe 2012-06-13 22:32:27 EDT
Description of problem:

This is probably more of a feature request...

virt-manger does not update /var/log/wtmp information. It would be useful to have this information when auditing authentications. I understand that there is information logged to /var/log/secure (LOG_AUTHPRIV), but these may be rotated and removed (a month, by default), while wtmp is often retained for much longer.

Steps to Reproduce:
1. Connect to virt-manager instance and disconnect soon after.
2. Wait 5 minutes (to ensure there is a decernable difference in the time between connections) and then login via SSH.
3. Run the last(1) command.
Actual results: Only the SSH connection will be visable in the last command output.

Expected results: Both the SSH and the virt-manager connection would be visible in the last command.
Comment 4 Martin Kletzander 2013-04-11 09:56:14 EDT
Can you describe more closely what connection to virt-manager instance are you referring to?  Are you using virt-manager to connect to remote libvirtd instance using ssh?
Comment 5 Rob Lowe 2013-04-14 21:48:44 EDT
(In reply to comment #4)

> Are you using virt-manager to connect to remote libvirtd
> instance using ssh?

Yes, that is correct.
Comment 6 hyao@redhat.com 2013-06-19 04:58:44 EDT
I've reproduce the bug on both rhel6.4 and rhel7:

Comment 8 Cole Robinson 2013-07-16 10:14:21 EDT
This is a general ssh 'problem', nothing specific to virt-manager or libvirt. We run 'ssh [cmd]' and a google search shows this doesn't update wtmp information. Specifying ssh -t will probably make this work, but historically we try not to mess with our ssh cli generation since it is fragile and hard to make it work across multiple distros.

As you mention, this information is already recorded in /var/log/secure. If it's rotated too fast I'm sure that can be adjusted somewhere.

If we are going to 'fix' this, we need another bug report to track libvirt ssh usage as well. However my recommendation is CLOSED->WONTFIX.
Comment 9 Cole Robinson 2014-02-02 13:01:40 EST
Closing as WONTFIX like I originally suggested.

Note You need to log in before you can comment on or make changes to this bug.