Attached is a patch for the approach I suggested previously.

I only did some ad-hoc testing with the only 2 programs that both read
and write to utmp and that I have integrated with utmps: util-linux
login and OpenSSH. And I used the simple tests I attached earlier. All

login is happy, OpenSSH is happy. I'm happy. That's good enough for
me. I re-read the POSIX doc and it doesn't seem there is any egregious
violation. YMMV.

If you'd like to incorporate the patch, you're welcome to do so. I
tried to follow your coding style but please feel free to rewrite to
match your coding standards as you see fit :)

Now that that's done, I'm having second-thoughts about this whole
utmp/wtmp endeavor and wondering if it's worth the efforts. Don't get
me wrong, I think your implementation fulfills its premises of
security and robustness quite well, and I like how it fits within the
s6 "ecosystem". But the POSIX API and data structures feel clunky and
archaic. Take for example the id field, which is an arbitrary
4-character string used to uniquely identify an entry in the database.
That doesn't strike me as very robust nor secure, given that there is
no mechanism to prevent id collisions.

Rich Felker may have made the right choice in leaving it on the
cutting floor and expecting that no-one would miss it. Perhaps we
should just let it die.

Isn't there a modern framework equivalent for user accounting on
*nix-like systems? I mean beside systemd of course :)

Reply via email to