Arch Linux

I found the problem:

/var/run/utmp need to have permissions 0644 root:utmp.
There is one line to add in /etc/rc.sysinit to have it in group utmp.

After, xterm (I think is the same for others terminal emulators) need to be compiled setgid.
This is done by adding ``--with-utmp-setgid=utmp'' in ./configure.

This is the Ubuntu and OpenBSD way. There is another way that Gentoo use: libutempter <http://freshmeat.net/projects/libutempter/>

Arg! I forgot to say that group utmp has to be created first.

I can not replicate. Edit: using bash

With 6 xterm opened and after I changed my xterm with sgid utmp:

benoit@wok:~% ls -l /usr/bin/xterm
-rwxr-sr-x 1 root utmp 420008 May 8 22:46 /usr/bin/xterm
benoit@wok:~% ls -l /var/run/utmp
-rw-rw-r-- 1 root utmp 6912 May 9 19:26 /var/run/utmp
benoit@wok:~% w
19:27:10 up 5 min, 6 users, load average: 0.20, 0.38, 0.20
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
benoit pts/2 19:22 1:54 0.06s 0.06s -zsh
benoit pts/4 19:22 0.00s 0.07s 0.00s w
benoit pts/5 19:22 4:35 0.06s 0.06s -zsh
benoit pts/3 19:22 4:11 0.27s 0.27s -zsh
benoit pts/1 19:22 4:25 0.10s 0.05s -zsh
benoit pts/0 19:22 1:04 0.12s 0.12s -zsh


Look at the permissions of your xterm and /var/run/utmp, it's not possible
that xterm can update utmp. Launch an xterm with root, and you'll see it in
utmp (with w or who).

Contrary to the subject I put for this task, the problem is not coreutils or the shell.
It's the terminal emulator (xterm for me) which cannot update utmp.

From the INSTALL file in xterm sources:
--with-utmp-setgid=XXX use setgid for access to utmp

The option value specifies a group to use when installing.
xterm will be installed with setgid privilege to this group.
At runtime, xterm will drop the setuid privilege immediately
after opening the pseudo-terminal, and will have only the
group privilege needed to access the utmp file. This relies
on having POSIX setuid behavior.


The problem exists also with others terminal emulators:
Eterm(1)
-u, --utmp-logging
Tries to enable proper utmp logging. For this to work, Eterm
probably needs to run setuid or setgid, usually setuid root.

aterm(1)
LOGIN STAMP
aterm tries to write an entry into the utmp(5) file so that it can be
seen via the who(1) command, and can accept messages. To allow this
feature, aterm must be installed setuid root on some systems.

urxtv(1)
LOGIN STAMP
urxvt tries to write an entry into the utmp(5) file so that it can be
seen via the who(1) command, and can accept messages. To allow this
feature, urxvt may need to be installed setuid root on some systems or
setgid to root or to some other group on others.

Assigning to xterm maintainer.

As an aside, XFCE terminal:

> ls -la /usr/bin/Terminal
-rwxr-xr-x 1 root root 139256 Feb 5 04:41 /usr/bin/Terminal

No set{g,u}id there but it works. What am I missing?

XFCE terminal is build with the vte library.
# pacman -Sw vte
benoit@wok:~/tmp% tar tJvf /var/cache/pacman/pkg/vte-0.24.1-1-x86_64.pkg.tar.xz | grep -E '^.rw(s|x)r.s'
-rwxr-sr-x root/root 12976 2010-04-27 19:07 usr/lib/vte/gnome-pty-helper

This is gnome-pty-helper which does the job (setgid root).

doc/utmpwtmp.txt from sources of vte:

The utmp, wtmp, and lastlog files are used to track which users are logged in,
but in slightly different ways.

Summary:

The utmp file contains at most one entry per terminal.
The wtmp file has the same format as the utmp file, but has no limit on the
number of entries it contains.
The lastlog file contains at most one entry per UID.

When a user logs in, the entry for the terminal is set in utmp.
When a user logs in, an entry is appended to wtmp.
When a user logs in, the entry for the user's UID is set in lastlog.

When a user logs out, the entry for the terminal is cleared from utmp.
This prevents the utmp file from growing beyond a fixed size.

When a user logs out, an entry is appended to wtmp. This provides a
complete history of who logged in and out and when.

When a user logs out, nothing happens to the lastlog.
Conclusions:
A terminal should always log to utmp, because it keeps track of who's using
a given terminal device.
A terminal should probably log to wtmp, because it correlates with utmp.
A terminal should not log to lastlog, but a display manager should.

References:
http://netbsd.gw.com/cgi-bin/man-cgi?utmp++NetBSD-current
http://www.netsys.com/sunmgr/1997-12/msg00155.html

i have the same issue with xterm and rxvt-unicode.

w is always empty (except with ssh login).

a side effect of this, is they are no broadcast message done by wall and it's derivate shutdown, reboot, halt, etc.

extract from utmp (5)
Warning: utmp must not be writable by the user class "other", because many system programs (foolishly)
depend on its integrity. You risk faked system logfiles and modifications of system files if you leave
utmp writable to any user other than the owner and group owner of the file.

do we have to open a bug for every terminal in arch? Maybe a more general decision about utmp writing in arch can be done?

I cant reproduce this, neither with xterm or urxvt. xterm:
$ echo $TERM
xterm
$ pacman -Qi xterm |grep -i version
Version : 267-1
$ ls -l /usr/bin/xterm
-rwxr-xr-x 1 root root 344K Dec 7 10:23 /usr/bin/xterm*
$ w
07:27:36 up 3:34, 1 user, load average: 0.00, 0.05, 0.05
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
user tty1 03:53 3:33m 46.59s 0.02s /bin/sh /usr/bin/startx
$ who
user tty1 2011-03-02 03:53
$ echo $SHELL
/bin/zsh

You had reproduced it : you see only your login on tty1, not the shell you have in your xterm.

Type ``tty'' in your xterm, it will give you the TTY (pts), and you will never see it in ``w'' output.

This bug is open for ten months...

Indeed i can. To summarise, since this isnt just an xterm issue. Its needed to:

a) Add a utmp group to /etc/group.
Should that be handled by the .install script of each terminal, or it should be in the default /etc/group file distributed by the filesystem package?

b) rebuild all non VTE based terminals to use it.

If a consencous is reached about how item a should be handled, it should be easy to do b. I dont know how groups are supposed to be handled in Arch. The default /etc/group file contains many groups, others are just added by install scripts when you install a certain package, eg. camera, wireshark etc. but i dont think theres a policy.

a) It should be default because you have to modify also initscript (/etc/rc.sysinit) to verify/change the group of /var/run/utmp.

Another solution is to configure xterm with --with-utmp-setgid=root. No other modificaton needed but I think it is safer to use a dedicated group for this purpose.

At least Gentoo
http://sources.gentoo.org/cgi-bin/viewvc.cgi/baselayout/trunk/share.Linux/group?revision=3181&view=markup
Debian
http://ftp.de.debian.org/debian/pool/main/b/base-passwd/base-passwd_3.5.22.tar.gz
OpenBSD
http://www.openbsd.org/cgi-bin/cvsweb/src/etc/group?rev=1.59
NetBSD
http://cvsweb.netbsd.org/bsdweb.cgi/src/etc/group?rev=1.26&content-type=text/x-cvsweb-markup&only_with_tag=MAIN
have a utmp group in default install.

Maybe should I open a feature request with initscript package?

@Benoit: Opened  FS#23240  for filesystem. Please open one for initscripts (/etc/rc.sysinit)

Thanks for the FR, for the moment, I will not open one for initscript as creating utmp group has no interest if it is not used.

Both would be added as a task this one depends upon (until completion). I think thats the way to go.

A feature request for initscripts:  FS#23309 

This affects at least the following packages in the binary repos : aterm, eterm, rxvt-unicode, screen, tmux & xterm
edit: additionally konsole seems to require libutempter

Affect also extra/vte (gnome-pty-helper should be setgid utmp).

While searching for utmp related stuff i also found some bug reports about display managers. GDM etc.
Do you, or anyone else, know if those are supposed to have write access to utmp as well, and if they work properly in Arch?

Yes, they do. extra/xorg-xdm uses sessreg (from extra/xorg-sessreg) to do it. extra/slim does not record login. kdm does. I don't know for gdm.
But it shall not be a problem as they run with euid root.

I found this discussion now arch started including the utmp group.
I understand its use, but it's not clear to me if I need to add any users to it.
Will logins only be recorded for users that are in this group?

No, you should not add yourself to that group. We'll rebuild some packages soon to make use of the new utmp group.

I have found that the xterm problem can be resolved by fixing the sgid/group of xterm and /var/run/utmp. But I log in graphically using xdm and who shows nothing related to this login. In this case it might be related to /etc/X11/xdm/Xstartup (containing a sessreg command), but I am not sure. Normally this script is run by xdm as root, so this does not seems a permission problem.

@JGC (or some other interested developer): now that initscripts 2011.04.1-2 has moved to core this can be worked on.
Do you think the creation of a todo list is in order, or should seperate requests be opened for each package?
From the above discussion the packages affected seem to be: aterm, eterm, rxvt-unicode, screen, tmux, xterm, vte, and konsole.

Also in the case of the rebuild list without seperate bug reports it may be worth renaming this reports title to something more generic than xterm.

Hi,

With the recent change in logrotate package (https://projects.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/logrotate&id=c85e8f57cd6d35d821ba75d1527da42d29023bbe), I think there is no hard work to fix this bug, just add `--with-utmp-setgid=utmp' to configure options.

We can fix this in two ways:
- by installing utempter and making xterm depend on it
- by making xterm setgid utmp

My personal opinion is that a terminal emulator should not be setgid anything and utempter is the method to use here.