Subject: Re: bin/2075: change root login failures to LOG_WARNING?
To: None <gnats-bugs@NetBSD.ORG, netbsd-bugs@NetBSD.ORG>
From: Chris Jones <cjones@rupert.oscs.montana.edu>
List: netbsd-bugs
Date: 02/14/1996 18:59:38
Here's a patch for /usr/src/usr.bin/login/login.c.  Please don't close
the PR yet, as su and kerberos still need to be patched.

*** login.c	Wed Feb 14 18:42:53 1996
--- login.c.old	Wed Feb 14 17:31:50 1996
***************
*** 302,312 ****
  			    "%s login refused on this terminal.\n",
  			    pwd->pw_name);
  			if (hostname)
! 				syslog(LOG_WARNING,
  				    "LOGIN %s REFUSED FROM %s ON TTY %s",
  				    pwd->pw_name, hostname, tty);
  			else
! 				syslog(LOG_WARNING,
  				    "LOGIN %s REFUSED ON TTY %s",
  				     pwd->pw_name, tty);
  			continue;
--- 302,312 ----
  			    "%s login refused on this terminal.\n",
  			    pwd->pw_name);
  			if (hostname)
! 				syslog(LOG_NOTICE,
  				    "LOGIN %s REFUSED FROM %s ON TTY %s",
  				    pwd->pw_name, hostname, tty);
  			else
! 				syslog(LOG_NOTICE,
  				    "LOGIN %s REFUSED ON TTY %s",
  				     pwd->pw_name, tty);
  			continue;
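Review bot: The diff appears to be generated in reverse: the header lists `login.c` (the newer timestamp) as the `***` file and `login.c.old` as the `---` file, so applied as-is both hunks turn `LOG_WARNING` back into `LOG_NOTICE` and drop the root check in badlogin(). Regenerating it as `diff -c login.c.old login.c` would make the direction match the subject line. On the intended (`***`) side every refusal at this point is logged at `LOG_WARNING`; the enclosing condition is outside the hunk, so if this branch can be reached for accounts other than root, a short comment such as `/* refused root logins are logged at warning priority */` or an explicit uid test would make the intent clear.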
***************
*** 640,665 ****
  badlogin(name)
  	char *name;
  {
- 	int loglevel;
- 
- 	/* root login failures are a bigger deal than others: */
- 	if (pwd->pw_uid == 0)
- 		loglevel = LOG_WARNING;
- 	else
- 		loglevel = LOG_NOTICE;
- 
  	if (failures == 0)
  		return;
  	if (hostname) {
! 		syslog(loglevel, "%d LOGIN FAILURE%s FROM %s",
  		    failures, failures > 1 ? "S" : "", hostname);
! 		syslog(LOG_AUTHPRIV|loglevel,
  		    "%d LOGIN FAILURE%s FROM %s, %s",
  		    failures, failures > 1 ? "S" : "", hostname, name);
  	} else {
! 		syslog(loglevel, "%d LOGIN FAILURE%s ON %s",
  		    failures, failures > 1 ? "S" : "", tty);
! 		syslog(LOG_AUTHPRIV|loglevel,
  		    "%d LOGIN FAILURE%s ON %s, %s",
  		    failures, failures > 1 ? "S" : "", tty, name);
  	}
--- 640,657 ----
  badlogin(name)
  	char *name;
  {
  	if (failures == 0)
  		return;
  	if (hostname) {
! 		syslog(LOG_NOTICE, "%d LOGIN FAILURE%s FROM %s",
  		    failures, failures > 1 ? "S" : "", hostname);
! 		syslog(LOG_AUTHPRIV|LOG_NOTICE,
  		    "%d LOGIN FAILURE%s FROM %s, %s",
  		    failures, failures > 1 ? "S" : "", hostname, name);
  	} else {
! 		syslog(LOG_NOTICE, "%d LOGIN FAILURE%s ON %s",
  		    failures, failures > 1 ? "S" : "", tty);
! 		syslog(LOG_AUTHPRIV|LOG_NOTICE,
  		    "%d LOGIN FAILURE%s ON %s, %s",
  		    failures, failures > 1 ? "S" : "", tty, name);
  	}
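Review bot: On the `***` side, which the message presents as the patched code, `pwd->pw_uid` is read at the top of badlogin() before any check that `pwd` is non-NULL. If badlogin() can run after a lookup of an unknown login name left `pwd` NULL (the callers are outside the hunk, so this is inferred), the failed attempt would crash login instead of being logged; `if (pwd != NULL && pwd->pw_uid == 0)` avoids that. The test also looks only at the most recent account while `failures` counts every attempt, so a failed root attempt followed by a failure on another name would still be reported at `LOG_NOTICE`; that is worth a comment, or a flag set at the point where the root failure happens. The end of the function is outside the hunk.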