1 files changed, 51 insertions, 0 deletions

diff --git a/debian/patches/008_login_log_failure_in_FTMP b/debian/patches/008_login_log_failure_in_FTMP
new file mode 100644
index 0000000..0946ca0
--- /dev/null
+++ b/debian/patches/008_login_log_failure_in_FTMP
@@ -0,0 +1,51 @@
+Goal: Log login failures to the btmp file
+
+Notes:
+ * I'm not sure login should add an entry in the FTMP file when PAM is used.
+   (but nothing in /etc/login.defs indicates that the failure is not logged)
+
+--- a/src/login.c
++++ b/src/login.c
+@@ -827,6 +827,24 @@
+ 			(void) puts ("");
+ 			(void) puts (_("Login incorrect"));
+ 
++			if (getdef_str("FTMP_FILE") != NULL) {
++#ifdef USE_UTMPX
++				struct utmpx *failent =
++					prepare_utmpx (failent_user,
++					               tty,
++					/* FIXME: or fromhost? */hostname,
++					               utent);
++#else				/* !USE_UTMPX */
++				struct utmp *failent =
++					prepare_utmp (failent_user,
++					              tty,
++					              hostname,
++					              utent);
++#endif				/* !USE_UTMPX */
++				failtmp (failent_user, failent);
++				free (failent);
++			}
++
+ 			if (failcount >= retries) {
+ 				SYSLOG ((LOG_NOTICE,
+ 				         "TOO MANY LOGIN TRIES (%u)%s FOR '%s'",
+--- a/lib/getdef.c
++++ b/lib/getdef.c
+@@ -38,7 +38,6 @@
+ 	{"ENVIRON_FILE", NULL},			\
+ 	{"ENV_TZ", NULL},			\
+ 	{"FAILLOG_ENAB", NULL},			\
+-	{"FTMP_FILE", NULL},			\
+ 	{"HMAC_CRYPTO_ALGO", NULL},		\
+ 	{"ISSUE_FILE", NULL},			\
+ 	{"LASTLOG_ENAB", NULL},			\
+@@ -80,6 +79,7 @@
+ 	{"ERASECHAR", NULL},
+ 	{"FAIL_DELAY", NULL},
+ 	{"FAKE_SHELL", NULL},
++	{"FTMP_FILE", NULL},
+ 	{"GID_MAX", NULL},
+ 	{"GID_MIN", NULL},
+ 	{"HOME_MODE", NULL},