(*** This bug was imported into bugs.kde.org ***) Package: konsole Version: 1.0.1 (KDE 2.0.1) Severity: grave Compiler: gcc version 2.95.2 19991024 (release) OS: Linux 2.2.17 i686 (compiled sources) The way konsole deals with utmp/wtmp logging namely ignoring it altogether causes serveral serious problems. I am using PAM and the PAM-based 'su' 'passwd' and 'login' programs from the SimplePAMApps package. These tools work just fine when invoked from a character console or from a shell running in xterm. However since they retreive user information from utmp records they all fail when invoked from a shell running in konsole. This includes all actions that execute 'su' implicitly such as opening an administrator console. I read the discussion of the topic contained in the help files but I do not agree with your conclusion that the entire logging should be handled by kdm. Here's what the man page (man 5 utmp) says: xterm(1) and other terminal emulators directly create a USER_PROCESS record and generate the ut_id by using the last two letters of /dev/ttyp%c or by using p%d for /dev/pts/%d. If they find a DEAD_PROCESS for this id they recycle it otherwise they create a new entry. If they can they will mark it as DEAD_PROCESS on exiting and it is advised that they null ut_line ut_time ut_user and ut_host as well. xdm(8) should not create an utmp record because there is no assigned terminal. Letting it create one will result in trouble like: finger: can not stat /dev/machine.dom. It should create wtmp entries though just like ftpd(8) does. I strongly suggest you implement user logging for konsole the way the man page says. As it's now konsole cannot be used as a full replacement for xterm.
"Thomas Köller" wrote: > > Package: konsole > Version: 1.0.1 (KDE 2.0.1) > Severity: grave > Compiler: gcc version 2.95.2 19991024 (release) > OS: Linux 2.2.17 i686 (compiled sources) > > The way konsole deals with utmp/wtmp logging namely ignoring it altogether causes serveral serious problems. > I am using PAM and the PAM-based 'su' 'passwd' and 'login' programs from the SimplePAMApps package. > These tools work just fine when invoked from a character console or from a shell running in xterm. However > since they retreive user information from utmp records they all fail when invoked from a shell running in konsole. > This includes all actions that execute 'su' implicitly such as opening an administrator console. > I read the discussion of the topic contained in the help files but I do not agree with your conclusion that the > entire logging should be handled by kdm. Here's what the man page (man 5 utmp) says: > > xterm(1) and other terminal emulators directly create a > USER_PROCESS record and generate the ut_id by using the > last two letters of /dev/ttyp%c or by using p%d for > /dev/pts/%d. If they find a DEAD_PROCESS for this id > they recycle it otherwise they create a new entry. If > they can they will mark it as DEAD_PROCESS on exiting and > it is advised that they null ut_line ut_time ut_user and > ut_host as well. > > xdm(8) should not create an utmp record because there is > no assigned terminal. Letting it create one will result > in trouble like: finger: can not stat /dev/machine.dom. > It should create wtmp entries though just like ftpd(8) > does. > > I strongly suggest you implement user logging for konsole the way the man page says. As it's now konsole > cannot be used as a full replacement for xterm. It works just fine but relies on utempter. xterm is setuid/setgid and opens up a possible security hole and we decided strictly against doing that within KDE. utempter is a very small daemon with library to define utmp entries. Just install and reconfigure kdebase to use it. RH and Caldera have it for sure don't know about your distribution. Greetings Stephan -- Frauen und Maenner passen vielleicht nicht zusammen aber meine allerschoensten Schrammen habe ich mir bei diesem Duell geholt. -- Reinhard Mey
From the final enry on this bug report... It works just fine but relies on utempter. xterm is setuid/setgid and opens up a possible security hole and we decided strictly against doing that within KDE. utempter is a very small daemon with library to define utmp entries. Just install and reconfigure kdebase to use it. RH and Caldera have it for sure don't know about your distribution. Greetings Stephan It appears that this log is closed and determined to be a feature not a bug. -Chris