mbox series

[0/3] Make accounting database no-op

Message ID 20231109170119.1664204-1-adhemerval.zanella@linaro.org
Headers show
Series Make accounting database no-op | expand

Message

Adhemerval Zanella Nov. 9, 2023, 5:01 p.m. UTC
The utmp/utmpx interface is the missing piece to enable full y2038
support on glibc, and even some 64 bit architectures are not fully
compatible (the ones that define __WORDSIZE_TIME64_COMPAT32).

There are multiple issues regarding 64 bit time_t support [1] [2] [3]
and a potential fix would either require breaking the ABI (as I
suggested when I started the y2038 and decided to put it aside due to
the required work) or use a different encoding for the timeval
structure (suggested by Andreas [4]).

The current implementation has some design flaws that are not
straightforward to fix without a complete rewrite [5] [6]. A utmp/utmpx
daemon will also require a security model and support for multiple
different IPC systems, which is out of scope for glibc. Also, this is
what systemd-logind essentially does so it would be a double effort
(the pt_chwon daemon is a remind that it is not easy to get this right).

This patchset removes all accounting database implementation and makes
the function no-op and/or return an error. There is not much gain in
moving the current implementation to compat symbols, it does not solve
the 64 bit time_t support for old binaries, nor it is guaranteed that
the UTMP/UTMPX files will exist in future environments.

Keeping a compat symbol also does not help with some design flags 
like BZ#24492, which I am not sure why it did not raise more security
concerns since it is easy to create DoS attacks by preventing utmp
updates.

The utmp.h/utmpx.h headers are kept as is, even though glibc does not
use its definition. The related path  _PATH_UTMP/_PATH_WTMP/etc.  points
to invalid paths, and stub link warnings are added to the affected
symbols.

[1] https://sourceware.org/bugzilla/show_bug.cgi?id=28146
[2] https://sourceware.org/bugzilla/show_bug.cgi?id=17470
[3] https://sourceware.org/bugzilla/show_bug.cgi?id=30701
[4] https://sourceware.org/pipermail/libc-alpha/2023-August/150661.html

Adhemerval Zanella (3):
  sysdeps: Re-flow and sort multiline gnu/Makefile definitions
  login: Remove utmp fallback for getlogin
  login: Make user accounting database no-op

 NEWS                                          |  18 +
 include/set-freeres.h                         |   3 -
 include/unistd.h                              |   3 -
 include/utmp.h                                |  29 -
 login/Makefile                                |   9 +-
 login/endutxent.c                             |  25 -
 login/getlogin.c                              |  13 +-
 login/getutent.c                              |  28 +-
 login/getutent_r.c                            |  45 +-
 login/getutid.c                               |  25 +-
 login/getutid_r.c                             |  34 +-
 login/getutline.c                             |  27 +-
 login/getutline_r.c                           |  21 +-
 login/getutmp.c                               |  12 +-
 login/getutmpx.c                              |  34 --
 login/getutxent.c                             |  25 -
 login/getutxid.c                              |  25 -
 login/getutxline.c                            |  25 -
 login/login.c                                 | 118 +---
 login/logout.c                                |  44 +-
 login/logwtmp.c                               |  22 +-
 login/programs/utmpdump.c                     |  62 ---
 login/pututxline.c                            |  25 -
 login/setutxent.c                             |  25 -
 login/tst-pututxline-cache.c                  | 193 -------
 login/tst-pututxline-lockfail.c               | 176 ------
 login/tst-updwtmpx.c                          | 112 ----
 login/tst-utmp.c                              | 377 -------------
 login/tst-utmpx.c                             |   2 -
 login/updwtmp.c                               |  13 +-
 login/updwtmpx.c                              |  25 -
 login/utmp-private.h                          |  44 --
 login/utmp_file.c                             | 506 ------------------
 login/utmpname.c                              |  57 +-
 login/utmpxname.c                             |  25 -
 malloc/set-freeres.c                          |   6 -
 manual/users.texi                             | 446 ++-------------
 sysdeps/generic/paths.h                       |   6 +-
 sysdeps/gnu/Makefile                          |  43 +-
 sysdeps/gnu/getutmp.c                         |  34 --
 sysdeps/gnu/getutmpx.c                        |   1 -
 sysdeps/gnu/updwtmp.c                         |  30 --
 sysdeps/gnu/utmp_file.c                       |  30 --
 sysdeps/mach/hurd/getlogin.c                  |  35 --
 sysdeps/unix/getlogin.c                       |  81 ---
 sysdeps/unix/getlogin_r.c                     | 103 ----
 sysdeps/unix/sysv/linux/getlogin.c            |  39 --
 sysdeps/unix/sysv/linux/getlogin_r.c          |  34 +-
 sysdeps/unix/sysv/linux/paths.h               |   4 +-
 sysdeps/unix/sysv/linux/s390/s390-32/Makefile |   4 -
 .../unix/sysv/linux/s390/s390-32/getutent.c   |  19 +-
 .../unix/sysv/linux/s390/s390-32/getutent_r.c |  11 +-
 .../unix/sysv/linux/s390/s390-32/getutid.c    |   4 +-
 .../unix/sysv/linux/s390/s390-32/getutid_r.c  |   2 +-
 .../unix/sysv/linux/s390/s390-32/getutline.c  |   4 +-
 .../sysv/linux/s390/s390-32/getutline_r.c     |   2 +-
 .../unix/sysv/linux/s390/s390-32/getutmp.c    |  20 +-
 .../unix/sysv/linux/s390/s390-32/getutxent.c  |  29 -
 .../unix/sysv/linux/s390/s390-32/getutxid.c   |  29 -
 .../unix/sysv/linux/s390/s390-32/getutxline.c |  29 -
 sysdeps/unix/sysv/linux/s390/s390-32/login.c  |   1 +
 .../unix/sysv/linux/s390/s390-32/login32.c    |  37 --
 .../unix/sysv/linux/s390/s390-32/pututxline.c |  29 -
 .../unix/sysv/linux/s390/s390-32/updwtmp.c    |   6 +-
 .../unix/sysv/linux/s390/s390-32/updwtmpx.c   |  29 -
 .../sysv/linux/s390/s390-32/utmp-convert.h    |  85 ---
 sysdeps/unix/sysv/linux/s390/s390-32/utmp32.c | 183 -------
 sysdeps/unix/sysv/linux/s390/s390-32/utmp32.h |  51 --
 .../sysv/linux/s390/s390-32/utmpx-convert.h   |  84 ---
 .../unix/sysv/linux/s390/s390-32/utmpx32.c    | 138 -----
 .../unix/sysv/linux/s390/s390-32/utmpx32.h    |  59 --
 sysdeps/unix/sysv/linux/utmp_file.c           |  36 --
 72 files changed, 212 insertions(+), 3798 deletions(-)
 delete mode 100644 login/endutxent.c
 delete mode 100644 login/getutmpx.c
 delete mode 100644 login/getutxent.c
 delete mode 100644 login/getutxid.c
 delete mode 100644 login/getutxline.c
 delete mode 100644 login/programs/utmpdump.c
 delete mode 100644 login/pututxline.c
 delete mode 100644 login/setutxent.c
 delete mode 100644 login/tst-pututxline-cache.c
 delete mode 100644 login/tst-pututxline-lockfail.c
 delete mode 100644 login/tst-updwtmpx.c
 delete mode 100644 login/tst-utmp.c
 delete mode 100644 login/tst-utmpx.c
 delete mode 100644 login/updwtmpx.c
 delete mode 100644 login/utmp-private.h
 delete mode 100644 login/utmp_file.c
 delete mode 100644 login/utmpxname.c
 delete mode 100644 sysdeps/gnu/getutmp.c
 delete mode 100644 sysdeps/gnu/getutmpx.c
 delete mode 100644 sysdeps/gnu/updwtmp.c
 delete mode 100644 sysdeps/gnu/utmp_file.c
 delete mode 100644 sysdeps/mach/hurd/getlogin.c
 delete mode 100644 sysdeps/unix/getlogin.c
 delete mode 100644 sysdeps/unix/getlogin_r.c
 delete mode 100644 sysdeps/unix/sysv/linux/getlogin.c
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/getutxent.c
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/getutxid.c
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/getutxline.c
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/login32.c
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/pututxline.c
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/updwtmpx.c
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/utmp-convert.h
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/utmp32.c
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/utmp32.h
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/utmpx-convert.h
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/utmpx32.c
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/utmpx32.h
 delete mode 100644 sysdeps/unix/sysv/linux/utmp_file.c