Re: [systemd-devel] lastlog and friends
On Tue, Jul 29, 2014 at 09:28:42PM +0200, Lennart Poettering wrote: On Tue, 29.07.14 14:43, Karel Zak (k...@redhat.com) wrote: systemd TODO: - Replace utmp, wtmp, btmp, and lastlog completely with journal Can someone elaborate and provide more details, ideas, .. ? Basically, we just want to have a nice tool that can dump data similar to lastlog or last to stdout, originating from the journal. in util-linux 2.25 (f21, and backported to rhel6 and rhel7) we have introduced lslogins. It's mostly motived by requests from classic admis (RH customers) who after migration to Linux complains that all unixes have logins command. It's designed like lsblk(8), so it's easy to extend, and it's possible add another sources for data. Now it reads info from libc (getpwent()), utmp, wtmp, lastlog and also from journal to get last user's messages. $ sudo ./lslogins kzak m Username: kzak UID:1000 Gecos field:Karel Zak,Home Office,123 Home directory: /home/kzak Shell: /bin/bash No login: no Password is locked: no Password not required: no Login by password disabled: no Primary group: kzak GID:1000 Supplementary groups: test,mock Supplementary group IDs:1001,988 Last login: Jul29/09:30 Last terminal: pts/5 Last hostname: localhost Failed login: Jul29/18:22 Failed login terminal: :0 Hushed: no Password expiration warn interval: 7 Password changed: 2013-Jan16 Maximum change time:9 Running processes: 51 Last logs: Jul 30 09:35:01 gnome-session[1516]:and actually has type UTF8_STRING format 8 n_items 0. Jul 30 09:35:01 gnome-session[1516]:This is most likely an application bug, not a window manager bug. Jul 30 09:35:01 gnome-session[1516]:The window has title=mutt class=terminology name=mutt $ sudo ./lslogins --system-accs UID USER PROC PWD-LOCK PWD-DENY LAST-LOGIN GECOS 988 uuidd 001UUID generator helper daemon 989 geoclue 001User for geoclue 990 unbound 001Unbound DNS resolver 991 lightdm 001 992 nm-openconnect001NetworkManager user for OpenConnect 993 openvpn 001OpenVPN 994 radvd 001radvd user 995 pulse 001PulseAudio System Daemon 996 colord101User for colord 997 chrony101 998 saslauth 001Saslauthd user 999 polkitd 101User for polkitd etc.. The current lastlog is sparse file and it's difficult to use for backup programs or integrity checkers, etc. So requests from users/customers are pretty common. The idea (from someone from RH) is to have very simple and tiny library that provides unified API for different backends (classic lastlog, systemd journal, etc.) to keep applications portable. Something like: https://github.com/marmolak/liblastlog2 Frankly, I'd like to see something more than only lastlog, but also utmp, wtmp support. Honestly, this sounds like something awfully peripheral to deserve a library of its own. Yes, I have many doubts too... Also, a library whose primary purpose is to be abstraction glue to support one backend that is supposed to be the backend of the future and one that is really something that should go away sounds like a bad idea. I mean, what would the benefit be? Eventually people should just The primary goal for the library was to replace the current ugly lastlog file format with a better format. Karel -- Karel Zak k...@redhat.com http://karelzak.blogspot.com ___
[systemd-devel] lastlog and friends
systemd TODO: - Replace utmp, wtmp, btmp, and lastlog completely with journal Can someone elaborate and provide more details, ideas, .. ? The current lastlog is sparse file and it's difficult to use for backup programs or integrity checkers, etc. So requests from users/customers are pretty common. The idea (from someone from RH) is to have very simple and tiny library that provides unified API for different backends (classic lastlog, systemd journal, etc.) to keep applications portable. Something like: https://github.com/marmolak/liblastlog2 Frankly, I'd like to see something more than only lastlog, but also utmp, wtmp support. Note that I'm not involved in the project, but as login(1), last(1), ... maintainer I'd like to see a public discussion about this topic. Maybe all we need for things like lastlog and wtmp is journald and then a few #ifdef in applications like login(1), who(1) or PAM. Maybe it would be better than add an extra abstraction layer (by any library). Not sure, too many question :-) Karel -- Karel Zak k...@redhat.com http://karelzak.blogspot.com ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] lastlog and friends
On Tue, Jul 29, 2014 at 02:51:37PM +0200, Reindl Harald wrote: Maybe all we need for things like lastlog and wtmp is journald and then a few #ifdef in applications like login(1), who(1) or PAM. Maybe it would be better than add an extra abstraction layer (by any library). Not sure, too many question :-) please keep in mind that on servers Storage=volatile and forward to classic rsyslog is common and that won't change - so whatever you read from journal are only recent entries which won't survive a reboot That's why I'm asking, I guess that behind the TODO item is any idea which has to be implement in on journal side. I'd like to know the long-term goal to avoid some future misunderstanding/flames :-) Karel -- Karel Zak k...@redhat.com http://karelzak.blogspot.com ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] lastlog and friends
On Tue, 29.07.14 14:43, Karel Zak (k...@redhat.com) wrote: systemd TODO: - Replace utmp, wtmp, btmp, and lastlog completely with journal Can someone elaborate and provide more details, ideas, .. ? Basically, we just want to have a nice tool that can dump data similar to lastlog or last to stdout, originating from the journal. utmp (i.e. data about who is currently logged in) is actually mostly covered by loginctl already. Not sure where precisely that tool should actually live though. I am tempted to say it should just be a one or two additional verbs for loginctl (which should gain some journal integration anyway, for example to show log messages of a specific session and suchlike). While this funcionality should make equivalent data as lastlog or last available, this is explicitly not about providing interface compatibility. The current lastlog is sparse file and it's difficult to use for backup programs or integrity checkers, etc. So requests from users/customers are pretty common. The idea (from someone from RH) is to have very simple and tiny library that provides unified API for different backends (classic lastlog, systemd journal, etc.) to keep applications portable. Something like: https://github.com/marmolak/liblastlog2 Frankly, I'd like to see something more than only lastlog, but also utmp, wtmp support. Honestly, this sounds like something awfully peripheral to deserve a library of its own. Also, a library whose primary purpose is to be abstraction glue to support one backend that is supposed to be the backend of the future and one that is really something that should go away sounds like a bad idea. I mean, what would the benefit be? Eventually people should just use the modern API anyway. And until that day they can use the old utmp API. And asking them to port everything to a third API in between sounds like an excercise in creating more work for poor overworked developers... ;-) Note that accounts-service actually provides an API to query some details of utmp (for example used to populated the faces browser in gdm). Now, accounts-services was always intended to be a stopgap, but I am pretty sure querying lastlog/utmp info is best done in it, or in the subsystem that one day might replace it. I think lastlog/utmp/wtmp handling is just one detail of user management the way accounts-service is doing it. I hope that makes some sense. Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] lastlog and friends
On Tue, 29.07.14 14:51, Reindl Harald (h.rei...@thelounge.net) wrote: please keep in mind that on servers Storage=volatile and forward to classic rsyslog is common and that won't change - so whatever you read from journal are only recent entries which won't survive a reboot Well, whatever. If you turn off local journal storage, you get no local journal storage, and your login history stored within it will be truncated. But that's completely OK and simply what the admin configured. I see no reason to duplicate everything in utmp because some folks disable local storage... Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] lastlog and friends
On 07/29/2014 07:28 PM, Lennart Poettering wrote: Not sure where precisely that tool should actually live though. I am tempted to say it should just be a one or two additional verbs for loginctl (which should gain some journal integration anyway, for example to show log messages of a specific session and suchlike). Hmm... Does it really need two new verbs? Cant list-sessions and list-users simply list active for the active user(s) and show timestamps for the rest which should cover the usefulness of who,last and lastlog? ( It's a bit redundant info seeing who has never logged as well as seeing who has ) loginctl list-sessions SESSIONUID USER SEATLast Active 1 1000 johannbg seat0ACTIVE 1 1001 suzyseat0$DATE And equivalent for list-users. I guess if that's not good enough show-active, show-last could be added to list-sessions, list-users JBG ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel