Merge lp:~tyhicks/lightdm/auditing into lp:lightdm

Proposed by Tyler Hicks on 2015-09-02
Status: Merged
Merged at revision: 2183
Proposed branch: lp:~tyhicks/lightdm/auditing
Merge into: lp:lightdm
Diff against target: 157 lines (+68/-0)
6 files modified
configure.ac (+17/-0)
debian/changelog (+15/-0)
debian/control (+1/-0)
debian/lightdm.lightdm-autologin.pam (+1/-0)
debian/lightdm.pam (+1/-0)
src/session-child.c (+33/-0)
To merge this branch: bzr merge lp:~tyhicks/lightdm/auditing
Reviewer        Review Type             Date Requested  Status
Robert Ancell                           2015-09-02      Approve on 2015-09-07
PS Jenkins bot  continuous-integration                  Needs Fixing on 2015-09-02
Review via email: mp+269828@code.launchpad.net

Description of the change

Adds the ability to generate audit log events when a user is logging in or out.

I've tested logging in and out as an admin user w/ password, a standard user w/ password, an autologin user, and a guest session. Unfortunately, I don't know how to test remote sessions.

Seth Arnold (seth-arnold) wrote :

Is it kosher to modify configure.ac directly?

Thanks

PS Jenkins bot (ps-jenkins) wrote :

FAILED: Continuous integration, rev:2181
No commit message was specified in the merge proposal. Click on the following link and set the commit message (if you want a jenkins rebuild you need to trigger it yourself):
https://code.launchpad.net/~tyhicks/lightdm/auditing/+merge/269828/+edit-commit-message

http://jenkins.qa.ubuntu.com/job/lightdm-ci/312/
Executed test runs:
    SUCCESS: http://jenkins.qa.ubuntu.com/job/lightdm-wily-amd64-ci/2
    SUCCESS: http://jenkins.qa.ubuntu.com/job/lightdm-wily-armhf-ci/2

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/lightdm-ci/312/rebuild

review: Needs Fixing (continuous-integration)
Tyler Hicks (tyhicks) wrote :

@Seth - This is an upstream lightdm merge request so I am modifying configure.ac and src/session-child.c directly. It is maybe a bit confusing since the upstream lightdm project contains a debian/ directory, which I've also updated accordingly in this merge.

Robert Ancell (robert-ancell) wrote :

Yay, yet another auditing system...

Looks fine otherwise.

review: Approve
Sebastien Bacher (seb128) wrote :

Those changes seem to create an issue with the lockscreen; see bug #1498775.

Robert Ancell (robert-ancell) wrote :

This has been disabled until we solve the issue in bug 1498775.

Preview Diff

1=== modified file 'configure.ac'
2--- configure.ac 2015-08-16 22:44:33 +0000
3+++ configure.ac 2015-09-02 01:58:24 +0000
4@@ -129,6 +129,23 @@
5 fi
6 AM_CONDITIONAL(COMPILE_LIBLIGHTDM_QT5, test x"$compile_liblightdm_qt5" != "xno")
7
8+AC_ARG_ENABLE([audit],
9+ AS_HELP_STRING([--enable-audit],
10+ [Enable audit logging of login and logout events [[default=auto]]]),
11+ [enable_audit=$enableval],
12+ [enable_audit=auto])
13+if test x"$enable_audit" != "xno"; then
14+ AC_CHECK_LIB([audit], [audit_log_user_message],
15+ [AC_DEFINE(HAVE_LIBAUDIT, 1, [libaudit support])
16+ LIGHTDM_LIBS="${LIGHTDM_LIBS} -laudit"
17+ ],
18+ [if test "x$enable_audit" != xauto; then
19+ AC_MSG_FAILURE(
20+ [--enable-audit was given, but test for libaudit failed])
21+ fi
22+ ])
23+fi
24+
25 AC_MSG_CHECKING(whether to build tests)
26 AC_ARG_ENABLE(tests,
27 AS_HELP_STRING([--disable-tests], [Disable tests building]),
28
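Review bot: The AC_CHECK_LIB probe on line 14 tests for audit_log_user_message, but src/session-child.c in this same merge calls audit_open and audit_log_acct_message. Probe for the symbol the code actually uses (audit_log_acct_message) so that HAVE_LIBAUDIT is only defined when the build can link, and consider checking for libaudit.h as well, since the library check alone does not prove the header is installed. With the default of auto, a missing libaudit is skipped silently; a notice or a line in the configure summary would make it visible that audit logging was compiled out.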
29=== modified file 'debian/changelog'
30--- debian/changelog 2015-08-26 08:42:02 +0000
31+++ debian/changelog 2015-09-02 01:58:24 +0000
32@@ -1,3 +1,18 @@
33+lightdm (1.15.3-0ubuntu4) UNRELEASED; urgency=medium
34+
35+ * Generate login and logout events that can be used by the Linux Audit tools
36+ such as aulast and aureport (LP: #1319278) (LP: #1478087)
37+ - Link against libaudit and log AUDIT_USER_LOGIN and AUDIT_USER_LOGOUT
38+ events after appending entries to the wtmp file. These events go to the
39+ audit log and can then be consumed by the Linux Audit tools.
40+ - debian/control: Add libaudit-dev to Build-Depends
41+ - debian/lightdm.pam, debian/lightdm-autologin.pam: Set the loginuid for
42+ the process that is authenticating. This allows for the UID to be
43+ properly set when AUDIT_USER_LOGIN and AUDIT_USER_LOGOUT events are
44+ logged.
45+
46+ -- Tyler Hicks <tyhicks@canonical.com> Tue, 01 Sep 2015 20:37:22 -0500
47+
48 lightdm (1.15.3-0ubuntu3) wily; urgency=medium
49
50 * debian/lightdm.postrm:
51
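Review bot: The entry on line 41 names debian/lightdm-autologin.pam, but the file touched by this merge is debian/lightdm.lightdm-autologin.pam; use the real path so the changelog can be matched against the tree. Lines 37-38 also say the events are logged after appending to the wtmp file, while the failed-login event in src/session-child.c is emitted after the btmp write, so btmp deserves a mention too.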
52=== modified file 'debian/control'
53--- debian/control 2015-08-10 04:38:18 +0000
54+++ debian/control 2015-09-02 01:58:24 +0000
55@@ -27,6 +27,7 @@
56 gtk-doc-tools,
57 yelp-tools,
58 dbus,
59+ libaudit-dev
60 Homepage: https://launchpad.net/lightdm
61 # If you aren't a member of ~lightdm-team but need to upload packaging changes,
62 # just go ahead. ~lightdm-team will notice and sync up the code again.
63
64=== modified file 'debian/lightdm.lightdm-autologin.pam'
65--- debian/lightdm.lightdm-autologin.pam 2013-07-16 23:36:16 +0000
66+++ debian/lightdm.lightdm-autologin.pam 2015-09-02 01:58:24 +0000
67@@ -3,6 +3,7 @@
68 auth required pam_permit.so
69 @include common-account
70 session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
71+session required pam_loginuid.so
72 session required pam_limits.so
73 @include common-session
74 session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
75
76=== modified file 'debian/lightdm.pam'
77--- debian/lightdm.pam 2015-08-24 10:51:30 +0000
78+++ debian/lightdm.pam 2015-09-02 01:58:24 +0000
79@@ -7,6 +7,7 @@
80 auth optional pam_kwallet5.so
81 @include common-account
82 session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
83+session required pam_loginuid.so
84 session required pam_limits.so
85 @include common-session
86 session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
87
88=== modified file 'src/session-child.c'
89--- src/session-child.c 2015-03-18 22:36:10 +0000
90+++ src/session-child.c 2015-09-02 01:58:24 +0000
91@@ -16,6 +16,7 @@
92 #include <utmp.h>
93 #include <utmpx.h>
94 #include <sys/mman.h>
95+#include <libaudit.h>
96
97 #include "configuration.h"
98 #include "session-child.h"
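Review bot: The include on line 95 is unconditional, but configure.ac makes libaudit optional and only defines HAVE_LIBAUDIT when the library is found, so a build with --disable-audit, or on a system without libaudit-dev, will fail here. Wrap it in the same HAVE_LIBAUDIT guard used inside audit_event. The call sites later in this file also reference AUDIT_USER_LOGIN and AUDIT_USER_LOGOUT outside any guard, so they need either the guard or fallback definitions.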
99@@ -220,6 +221,32 @@
100 updwtmp (wtmp_file, &u);
101 }
102
103+static void
104+audit_event (int type, const gchar *username, uid_t uid, const gchar *remote_host_name, const gchar *tty, gboolean success)
105+{
106+#if HAVE_LIBAUDIT
107+ int auditfd, result;
108+ const char *op = NULL;
109+
110+ auditfd = audit_open ();
111+ if (auditfd < 0) {
112+ g_printerr ("Error opening audit socket: %s\n", strerror (errno));
113+ return;
114+ }
115+
116+ if (type == AUDIT_USER_LOGIN)
117+ op = "login";
118+ else if (type == AUDIT_USER_LOGOUT)
119+ op = "logout";
120+ result = success == TRUE ? 1 : 0;
121+
122+ if (audit_log_acct_message (auditfd, type, NULL, op, username, uid, remote_host_name, NULL, tty, result) <= 0)
123+ g_printerr ("Error writing audit message: %s\n", strerror (errno));
124+
125+ close (auditfd);
126+#endif
127+}
128+
129 int
130 session_child_run (int argc, char **argv)
131 {
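Review bot: In audit_event, a failed audit_open (lines 110-114) prints an error on every login and logout, including on kernels built without audit support, where the failure is expected. Callers of libaudit commonly treat EINVAL, EPROTONOSUPPORT and EAFNOSUPPORT from audit_open as "auditing unavailable" and return quietly; doing the same here would keep the session log clean. A smaller point: op stays NULL if type is neither AUDIT_USER_LOGIN nor AUDIT_USER_LOGOUT (lines 116-119), so either return early for unknown types or give op a default.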
132@@ -386,6 +413,8 @@
133 ut.ut_tv.tv_usec = tv.tv_usec;
134
135 updwtmpx ("/var/log/btmp", &ut);
136+
137+ audit_event (AUDIT_USER_LOGIN, username, -1, remote_host_name, tty, FALSE);
138 }
139
140 /* Check account is valid */
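Review bot: On line 137 the failed-authentication record carries username exactly as it was entered, with uid -1. For a failed attempt that string is untrusted and may not name a real account (a password typed into the username field is the usual case), and it ends up in the audit log. Consider looking the account up first and logging a fixed placeholder when it does not exist. A short comment that -1 is deliberate would also help, since uid_t is unsigned.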
141@@ -701,6 +730,8 @@
142 g_printerr ("Failed to write utmpx: %s\n", strerror (errno));
143 endutxent ();
144 updwtmpx ("/var/log/wtmp", &ut);
145+
146+ audit_event (AUDIT_USER_LOGIN, username, uid, remote_host_name, tty, TRUE);
147 }
148
149 waitpid (child_pid, &return_code, 0);
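Review bot: The AUDIT_USER_LOGIN call on line 146 sits inside the block that closes on line 147, the one that writes the utmpx and wtmp entries, so a session that skips that block produces no login audit record; the AUDIT_USER_LOGOUT call in the next hunk has the same placement. If audit records are meant to cover every session, move the calls out of the wtmp block; if not, add a comment stating which session types are intentionally unaudited.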
150@@ -737,6 +768,8 @@
151 g_printerr ("Failed to write utmpx: %s\n", strerror (errno));
152 endutxent ();
153 updwtmpx ("/var/log/wtmp", &ut);
154+
155+ audit_event (AUDIT_USER_LOGOUT, username, uid, remote_host_name, tty, TRUE);
156 }
157 }
158
