Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/index.php/Reporting_Bug_Guidelines

Do NOT report bugs when a package is just outdated, or it is in Unsupported. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#19392 - [xterm] w/who does not show my login shell

Attached to Project: Arch Linux
Opened by Benoit Izac (benizac) - Saturday, 08 May 2010, 13:44 GMT
Last edited by Jan de Groot (JGC) - Tuesday, 11 December 2012, 10:32 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Jan de Groot (JGC)
Andreas Radke (AndyRTR)
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 5
Private No

Details

I have 6 xterm opened, each have zsh (login shell mode) running inside. ``w'' or ``who'' output is empty.

benoit@wok:~% pgrep xterm
3382
3383
3384
3385
3387
3388
benoit@wok:~% ps auxwww | grep '[^]]zsh'
benoit 3607 0.0 0.0 27160 3012 pts/1 Ss+ 15:25 0:00 -zsh
benoit 3608 0.0 0.0 24932 2704 pts/0 Ss+ 15:25 0:00 -zsh
benoit 3609 0.0 0.0 24944 2728 pts/2 Ss 15:25 0:00 -zsh
benoit 3611 0.0 0.0 27136 3004 pts/5 Ss 15:25 0:00 -zsh
benoit 3615 0.0 0.0 24932 2700 pts/4 Ss+ 15:25 0:00 -zsh
benoit 3616 0.0 0.0 27228 3116 pts/3 Ss 15:25 0:00 -zsh
benoit@wok:~% w
15:41:36 up 16 min, 0 users, load average: 0.07, 0.04, 0.06
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
benoit@wok:~% who
benoit@wok:~%

I have an output only from ssh or tty login.
This task depends upon

Closed by  Jan de Groot (JGC)
Tuesday, 11 December 2012, 10:32 GMT
Reason for closing:  Fixed
Comment by Benoit Izac (benizac) - Saturday, 08 May 2010, 21:28 GMT
I found the problem:

/var/run/utmp need to have permissions 0644 root:utmp.
There is one line to add in /etc/rc.sysinit to have it in group utmp.

After, xterm (I think is the same for others terminal emulators) need to be compiled setgid.
This is done by adding ``--with-utmp-setgid=utmp'' in ./configure.

This is the Ubuntu and OpenBSD way. There is another way that Gentoo use: libutempter <http://freshmeat.net/projects/libutempter/>
Comment by Benoit Izac (benizac) - Saturday, 08 May 2010, 21:31 GMT
Arg! I forgot to say that group utmp has to be created first.
Comment by Allan McRae (Allan) - Sunday, 09 May 2010, 12:59 GMT
I can not replicate. Edit: using bash
Comment by Benoit Izac (benizac) - Sunday, 09 May 2010, 17:43 GMT
With 6 xterm opened and after I changed my xterm with sgid utmp:

benoit@wok:~% ls -l /usr/bin/xterm
-rwxr-sr-x 1 root utmp 420008 May 8 22:46 /usr/bin/xterm
benoit@wok:~% ls -l /var/run/utmp
-rw-rw-r-- 1 root utmp 6912 May 9 19:26 /var/run/utmp
benoit@wok:~% w
19:27:10 up 5 min, 6 users, load average: 0.20, 0.38, 0.20
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
benoit pts/2 19:22 1:54 0.06s 0.06s -zsh
benoit pts/4 19:22 0.00s 0.07s 0.00s w
benoit pts/5 19:22 4:35 0.06s 0.06s -zsh
benoit pts/3 19:22 4:11 0.27s 0.27s -zsh
benoit pts/1 19:22 4:25 0.10s 0.05s -zsh
benoit pts/0 19:22 1:04 0.12s 0.12s -zsh


Look at the permissions of your xterm and /var/run/utmp, it's not possible
that xterm can update utmp. Launch an xterm with root, and you'll see it in
utmp (with w or who).

Contrary to the subject I put for this task, the problem is not coreutils or the shell.
It's the terminal emulator (xterm for me) which cannot update utmp.

From the INSTALL file in xterm sources:
--with-utmp-setgid=XXX use setgid for access to utmp

The option value specifies a group to use when installing.
xterm will be installed with setgid privilege to this group.
At runtime, xterm will drop the setuid privilege immediately
after opening the pseudo-terminal, and will have only the
group privilege needed to access the utmp file. This relies
on having POSIX setuid behavior.


The problem exists also with others terminal emulators:
Eterm(1)
-u, --utmp-logging
Tries to enable proper utmp logging. For this to work, Eterm
probably needs to run setuid or setgid, usually setuid root.

aterm(1)
LOGIN STAMP
aterm tries to write an entry into the utmp(5) file so that it can be
seen via the who(1) command, and can accept messages. To allow this
feature, aterm must be installed setuid root on some systems.

urxtv(1)
LOGIN STAMP
urxvt tries to write an entry into the utmp(5) file so that it can be
seen via the who(1) command, and can accept messages. To allow this
feature, urxvt may need to be installed setuid root on some systems or
setgid to root or to some other group on others.

Comment by Allan McRae (Allan) - Sunday, 09 May 2010, 22:16 GMT
  • Field changed: Summary ([coreutils] w/who does not show my login shell → [xterm] w/who does not show my login shell)
  • Task reassigned to Jan de Groot (JGC)
Assigning to xterm maintainer.

As an aside, XFCE terminal:

> ls -la /usr/bin/Terminal
-rwxr-xr-x 1 root root 139256 Feb 5 04:41 /usr/bin/Terminal

No set{g,u}id there but it works. What am I missing?
Comment by Benoit Izac (benizac) - Monday, 10 May 2010, 16:52 GMT
XFCE terminal is build with the vte library.
# pacman -Sw vte
benoit@wok:~/tmp% tar tJvf /var/cache/pacman/pkg/vte-0.24.1-1-x86_64.pkg.tar.xz | grep -E '^.rw(s|x)r.s'
-rwxr-sr-x root/root 12976 2010-04-27 19:07 usr/lib/vte/gnome-pty-helper

This is gnome-pty-helper which does the job (setgid root).

doc/utmpwtmp.txt from sources of vte:

The utmp, wtmp, and lastlog files are used to track which users are logged in,
but in slightly different ways.

Summary:

The utmp file contains at most one entry per terminal.
The wtmp file has the same format as the utmp file, but has no limit on the
number of entries it contains.
The lastlog file contains at most one entry per UID.

When a user logs in, the entry for the terminal is set in utmp.
When a user logs in, an entry is appended to wtmp.
When a user logs in, the entry for the user's UID is set in lastlog.

When a user logs out, the entry for the terminal is cleared from utmp.
This prevents the utmp file from growing beyond a fixed size.

When a user logs out, an entry is appended to wtmp. This provides a
complete history of who logged in and out and when.

When a user logs out, nothing happens to the lastlog.
Conclusions:
A terminal should always log to utmp, because it keeps track of who's using
a given terminal device.
A terminal should probably log to wtmp, because it correlates with utmp.
A terminal should not log to lastlog, but a display manager should.

References:
http://netbsd.gw.com/cgi-bin/man-cgi?utmp++NetBSD-current
http://www.netsys.com/sunmgr/1997-12/msg00155.html
Comment by Sébastien Luttringer (seblu) - Monday, 15 November 2010, 02:29 GMT
i have the same issue with xterm and rxvt-unicode.

w is always empty (except with ssh login).

a side effect of this, is they are no broadcast message done by wall and it's derivate shutdown, reboot, halt, etc.

extract from utmp (5)
Warning: utmp must not be writable by the user class "other", because many system programs (foolishly)
depend on its integrity. You risk faked system logfiles and modifications of system files if you leave
utmp writable to any user other than the owner and group owner of the file.

do we have to open a bug for every terminal in arch? Maybe a more general decision about utmp writing in arch can be done?


Comment by Greg (dolby) - Wednesday, 02 March 2011, 05:32 GMT
I cant reproduce this, neither with xterm or urxvt. xterm:
$ echo $TERM
xterm
$ pacman -Qi xterm |grep -i version
Version : 267-1
$ ls -l /usr/bin/xterm
-rwxr-xr-x 1 root root 344K Dec 7 10:23 /usr/bin/xterm*
$ w
07:27:36 up 3:34, 1 user, load average: 0.00, 0.05, 0.05
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
user tty1 03:53 3:33m 46.59s 0.02s /bin/sh /usr/bin/startx
$ who
user tty1 2011-03-02 03:53
$ echo $SHELL
/bin/zsh
Comment by Benoit Izac (benizac) - Wednesday, 02 March 2011, 19:08 GMT
You had reproduced it : you see only your login on tty1, not the shell you have in your xterm.

Type ``tty'' in your xterm, it will give you the TTY (pts), and you will never see it in ``w'' output.

This bug is open for ten months...
Comment by Greg (dolby) - Thursday, 03 March 2011, 02:17 GMT
Indeed i can. To summarise, since this isnt just an xterm issue. Its needed to:

a) Add a utmp group to /etc/group.
Should that be handled by the .install script of each terminal, or it should be in the default /etc/group file distributed by the filesystem package?

b) rebuild all non VTE based terminals to use it.

If a consencous is reached about how item a should be handled, it should be easy to do b. I dont know how groups are supposed to be handled in Arch. The default /etc/group file contains many groups, others are just added by install scripts when you install a certain package, eg. camera, wireshark etc. but i dont think theres a policy.
Comment by Benoit Izac (benizac) - Thursday, 03 March 2011, 18:24 GMT
a) It should be default because you have to modify also initscript (/etc/rc.sysinit) to verify/change the group of /var/run/utmp.

Another solution is to configure xterm with --with-utmp-setgid=root. No other modificaton needed but I think it is safer to use a dedicated group for this purpose.

At least Gentoo
http://sources.gentoo.org/cgi-bin/viewvc.cgi/baselayout/trunk/share.Linux/group?revision=3181&view=markup
Debian
http://ftp.de.debian.org/debian/pool/main/b/base-passwd/base-passwd_3.5.22.tar.gz
OpenBSD
http://www.openbsd.org/cgi-bin/cvsweb/src/etc/group?rev=1.59
NetBSD
http://cvsweb.netbsd.org/bsdweb.cgi/src/etc/group?rev=1.26&content-type=text/x-cvsweb-markup&only_with_tag=MAIN
have a utmp group in default install.

Maybe should I open a feature request with initscript package?
Comment by Greg (dolby) - Friday, 11 March 2011, 12:17 GMT
@Benoit: Opened  FS#23240  for filesystem. Please open one for initscripts (/etc/rc.sysinit)
Comment by Benoit Izac (benizac) - Saturday, 12 March 2011, 08:12 GMT
Thanks for the FR, for the moment, I will not open one for initscript as creating utmp group has no interest if it is not used.
Comment by Greg (dolby) - Saturday, 12 March 2011, 11:22 GMT
Both would be added as a task this one depends upon (until completion). I think thats the way to go.
Comment by Greg (dolby) - Thursday, 17 March 2011, 09:11 GMT
A feature request for initscripts:  FS#23309 
Comment by Greg (dolby) - Thursday, 17 March 2011, 18:00 GMT
This affects at least the following packages in the binary repos : aterm, eterm, rxvt-unicode, screen, tmux & xterm
edit: additionally konsole seems to require libutempter
Comment by Benoit Izac (benizac) - Thursday, 17 March 2011, 20:26 GMT
Affect also extra/vte (gnome-pty-helper should be setgid utmp).
Comment by Greg (dolby) - Thursday, 17 March 2011, 20:33 GMT
While searching for utmp related stuff i also found some bug reports about display managers. GDM etc.
Do you, or anyone else, know if those are supposed to have write access to utmp as well, and if they work properly in Arch?
Comment by Benoit Izac (benizac) - Thursday, 17 March 2011, 20:54 GMT
Yes, they do. extra/xorg-xdm uses sessreg (from extra/xorg-sessreg) to do it. extra/slim does not record login. kdm does. I don't know for gdm.
But it shall not be a problem as they run with euid root.
Comment by Mathijs Kwik (bluescreen303) - Thursday, 14 April 2011, 07:31 GMT
I found this discussion now arch started including the utmp group.
I understand its use, but it's not clear to me if I need to add any users to it.
Will logins only be recorded for users that are in this group?

Comment by Jan de Groot (JGC) - Thursday, 14 April 2011, 07:36 GMT
No, you should not add yourself to that group. We'll rebuild some packages soon to make use of the new utmp group.
Comment by Olive (olivel) - Thursday, 21 April 2011, 18:35 GMT
I have found that the xterm problem can be resolved by fixing the sgid/group of xterm and /var/run/utmp. But I log in graphically using xdm and who shows nothing related to this login. In this case it might be related to /etc/X11/xdm/Xstartup (containing a sessreg command), but I am not sure. Normally this script is run by xdm as root, so this does not seems a permission problem.

Comment by Greg (dolby) - Monday, 02 May 2011, 14:40 GMT
@JGC (or some other interested developer): now that initscripts 2011.04.1-2 has moved to core this can be worked on.
Do you think the creation of a todo list is in order, or should seperate requests be opened for each package?
From the above discussion the packages affected seem to be: aterm, eterm, rxvt-unicode, screen, tmux, xterm, vte, and konsole.

Also in the case of the rebuild list without seperate bug reports it may be worth renaming this reports title to something more generic than xterm.
Comment by Benoit Izac (benizac) - Tuesday, 20 November 2012, 20:01 GMT
Hi,

With the recent change in logrotate package (https://projects.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/logrotate&id=c85e8f57cd6d35d821ba75d1527da42d29023bbe), I think there is no hard work to fix this bug, just add `--with-utmp-setgid=utmp' to configure options.

Comment by Jan de Groot (JGC) - Monday, 03 December 2012, 15:05 GMT
We can fix this in two ways:
- by installing utempter and making xterm depend on it
- by making xterm setgid utmp

My personal opinion is that a terminal emulator should not be setgid anything and utempter is the method to use here.

Loading...