syslogin_perform_logout: logout() returned an error

From: Bernhard Fiser (b.fiser_at_abenteuerland.at)
Date: 05/09/04

  • Next message: pillai.a_at_pg.com: "HP-UX logname: could not get login name"
    To: secureshell@securityfocus.com
    Date: Sun, 9 May 2004 12:35:10 +0200
    
    

    After setting up a tiny jail on a FreeBSD 4.9-STABLE and running sshd
    (OpenSSH_3.5p1) for the purpose of a secure remote cvs area, I discovered the
    following error message (within auth.log which is logged from sshd to
    syslogd) during the logout procedure of the user:

    May 9 08:20:22 www sshd[866]: syslogin_perform_logout: logout() returned an
    error

    Going through several mailing lists showed me that some other users discovered
    the same message, but no reasonable statements were made to how to solve this
    problem. That's why I tried to locate it and here's what I found:

    The message is generated within syslogin_perform_logout() in loginrec.c if the
    call to logout() from libutil (see logout(3)) fails. It fails if it could not
    find a corresponding entry within utmp. This entry is generated by a call to
    login() (see login(3)) during the user logs onto the host before, but login()
    doesn't have any return value, so there's no reasonable way to determine if
    the call succeeded. And this is the problem (was it on my host). Login()
    makes entries into utmp by grabbing the name of the tty by a call to
    ttyslot() (see ttyslot(3)) and ttyslot() needs the file /etc/ttys to work
    properly.

    So what to do now to correct set up your jail on your system:
    1) Make sure (touch) that the following files exist:
    /var/log/wtmp
    /var/log/lastlog
    /var/run/utmp

    2) Make sure that the file /etc/ttys (see ttys(5)) exists!!! (That was the
    problem on my system).

    3) Additionally you might place an additional log socket into your jail by
    specifying the option -l <sock> to your syslogd.

    Regards,
    Bernhard

    -- 
    _____________________________________________________________________________
    Bernhard Fiser
    b.fiser@abenteuerland.at
    http://www.abenteuerland.at/bf/
    >>> Linux is for networking, Mac is for working, Windows is for Solitaire <<<
    

  • Next message: pillai.a_at_pg.com: "HP-UX logname: could not get login name"