diff options
author | nectar <nectar@FreeBSD.org> | 1999-10-12 13:33:48 +0000 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 1999-10-12 13:33:48 +0000 |
commit | 2f0b6d319cbd077df29d1959cd8f054c17ce033c (patch) | |
tree | ea86381d73e800dec77b5873ce00bda4bafa96f0 /usr.bin/lock | |
parent | 50fa6f3da83ff2188d6a5e1dc8120bc7bedbcb52 (diff) | |
download | FreeBSD-src-2f0b6d319cbd077df29d1959cd8f054c17ce033c.zip FreeBSD-src-2f0b6d319cbd077df29d1959cd8f054c17ce033c.tar.gz |
log root unlock attempts
PR: bin/13932
Diffstat (limited to 'usr.bin/lock')
-rw-r--r-- | usr.bin/lock/lock.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/usr.bin/lock/lock.c b/usr.bin/lock/lock.c index d5b60ae..c1ffcb5 100644 --- a/usr.bin/lock/lock.c +++ b/usr.bin/lock/lock.c @@ -59,6 +59,7 @@ static const char rcsid[] = #include <sys/param.h> #include <sys/stat.h> #include <sys/time.h> +#include <sys/types.h> #include <sys/signal.h> #include <err.h> #include <ctype.h> @@ -67,7 +68,9 @@ static const char rcsid[] = #include <stdio.h> #include <stdlib.h> #include <string.h> +#include <syslog.h> #include <unistd.h> +#include <varargs.h> #define TIMEOUT 15 @@ -91,11 +94,13 @@ main(argc, argv) time_t timval_sec; struct itimerval ntimer, otimer; struct tm *timp; - int ch, sectimeout, usemine; + int ch, failures, sectimeout, usemine; char *ap, *mypw, *ttynam, *tzn; char hostname[MAXHOSTNAMELEN], s[BUFSIZ], s1[BUFSIZ]; char *crypt(), *ttyname(); + openlog("lock", LOG_ODELAY, LOG_AUTH); + sectimeout = TIMEOUT; mypw = NULL; usemine = 0; @@ -181,6 +186,7 @@ main(argc, argv) (void)printf("lock: %s on %s. timeout in %d minutes\ntime now is %.20s%s%s", ttynam, hostname, sectimeout, ap, tzn, ap + 19); } + failures = 0; for (;;) { (void)printf("Key: "); @@ -197,9 +203,17 @@ main(argc, argv) else if (!strcmp(s, s1)) break; (void)printf("\07\n"); + failures++; + if (getuid() == 0) + syslog(LOG_NOTICE, "%d ROOT UNLOCK FAILURE%s (%s on %s)", + failures, failures > 1 ? "S": "", ttynam, hostname); if (ioctl(0, TIOCGETP, &ntty)) exit(1); + sleep(1); /* to discourage guessing */ } + if (getuid() == 0) + syslog(LOG_NOTICE, "ROOT UNLOCK ON hostname %s port %s", + hostname, ttynam); quit(); return(0); /* not reached */ } |