[thirdparty/util-linux.git] / login-utils / utmpdump.c

/*
 * utmpdump
 *
 * Simple program to dump UTMP and WTMP files in raw format, so they can be
 * examined.
 *
 * Based on utmpdump dump from sysvinit suite.
 *
 * Copyright (C) 1991-2000 Miquel van Smoorenburg <miquels@cistron.nl>
 *
 * Copyright (C) 1998 Danek Duvall <duvall@alumni.princeton.edu>
 * Copyright (C) 2012 Karel Zak <kzak@redhat.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <utmpx.h>
#include <time.h>
#include <ctype.h>
#include <getopt.h>
#include <unistd.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <sys/stat.h>
#ifdef HAVE_INOTIFY_INIT
#include <sys/inotify.h>
#endif

#include "c.h"
#include "nls.h"
#include "xalloc.h"
#include "closestream.h"
#include "timeutils.h"

static time_t strtotime(const char *s_time)
{
	struct tm tm;

	memset(&tm, '\0', sizeof(struct tm));

	if (s_time[0] == ' ' || s_time[0] == '\0')
		return (time_t)0;

	if (isdigit(s_time[0])) {
		/* [1998-09-01T01:00:00,000000+00:00]
		 * Subseconds are parsed with strtousec().  Timezone is
		 * always UTC-0 */
		strptime(s_time, "%Y-%m-%dT%H:%M:%S", &tm);
	} else {
		/* [Tue Sep 01 00:00:00 1998 GMT] */
		strptime(s_time, "%a %b %d %T %Y", &tm);
		/* Cheesy way of checking for DST.  This could be needed
		 * with legacy dumps that used localtime(3).  */
		if (s_time[26] == 'D')
			tm.tm_isdst = 1;
	}
	return timegm(&tm);
}

static suseconds_t strtousec(const char *s_time)
{
	const char *s = strchr(s_time, ',');
	if (s)
		return (suseconds_t) atoi(s + 1);
	return 0;
}

#define cleanse(x) xcleanse(x, sizeof(x))
static void xcleanse(char *s, int len)
{
	for ( ; *s && len-- > 0; s++)
		if (!isprint(*s) || *s == '[' || *s == ']')
			*s = '?';
}

static void print_utline(struct utmpx *ut, FILE *out)
{
	const char *addr_string;
	char buffer[INET6_ADDRSTRLEN];
	char time_string[40];
	struct timeval tv;

	if (ut->ut_addr_v6[1] || ut->ut_addr_v6[2] || ut->ut_addr_v6[3])
		addr_string = inet_ntop(AF_INET6, &(ut->ut_addr_v6), buffer, sizeof(buffer));
	else
		addr_string = inet_ntop(AF_INET, &(ut->ut_addr_v6), buffer, sizeof(buffer));

	tv.tv_sec = ut->ut_tv.tv_sec;
	tv.tv_usec = ut->ut_tv.tv_usec;

	if (strtimeval_iso(&tv,
			   ISO_8601_DATE | ISO_8601_TIME | ISO_8601_COMMAUSEC |
			   ISO_8601_TIMEZONE | ISO_8601_GMTIME, time_string,
			   sizeof(time_string)) != 0)
		return;
	cleanse(ut->ut_id);
	cleanse(ut->ut_user);
	cleanse(ut->ut_line);
	cleanse(ut->ut_host);

	/*            type pid    id       user     line     host     addr    time */
	fprintf(out, "[%d] [%05d] [%-4.4s] [%-*.*s] [%-*.*s] [%-*.*s] [%-15s] [%s]\n",
	       ut->ut_type, ut->ut_pid, ut->ut_id,
	       8, (int)sizeof(ut->ut_user), ut->ut_user,
	       12, (int)sizeof(ut->ut_line), ut->ut_line,
	       20, (int)sizeof(ut->ut_host), ut->ut_host,
	       addr_string, time_string);
}

#ifdef HAVE_INOTIFY_INIT
#define EVENTS		(IN_MODIFY|IN_DELETE_SELF|IN_MOVE_SELF|IN_UNMOUNT)
#define NEVENTS		4

static void roll_file(const char *filename, off_t *size, FILE *out)
{
	FILE *in;
	struct stat st;
	struct utmpx ut;
	off_t pos;

	if (!(in = fopen(filename, "r")))
		err(EXIT_FAILURE, _("cannot open %s"), filename);

	if (fstat(fileno(in), &st) == -1)
		err(EXIT_FAILURE, _("stat of %s failed"), filename);

	if (st.st_size == *size)
		goto done;

	if (fseek(in, *size, SEEK_SET) != (off_t) -1) {
		while (fread(&ut, sizeof(ut), 1, in) == 1)
			print_utline(&ut, out);
	}

	pos = ftello(in);
	/* If we've successfully read something, use the file position, this
	 * avoids data duplication.  If we read nothing or hit an error,
	 * reset to the reported size, this handles truncated files.
	 */
	*size = (pos != -1 && pos != *size) ? pos : st.st_size;

done:
	fclose(in);
}

static int follow_by_inotify(FILE *in, const char *filename, FILE *out)
{
	char buf[NEVENTS * sizeof(struct inotify_event)];
	int fd, wd, event;
	ssize_t length;
	off_t size;

	fd = inotify_init();
	if (fd == -1)
		return -1;	/* probably reached any limit ... */

	size = ftello(in);
	fclose(in);

	wd = inotify_add_watch(fd, filename, EVENTS);
	if (wd == -1)
		err(EXIT_FAILURE, _("%s: cannot add inotify watch."), filename);

	while (wd >= 0) {
		errno = 0;
		length = read(fd, buf, sizeof(buf));

		if (length < 0 && (errno == EINTR || errno == EAGAIN))
			continue;
		if (length < 0)
			err(EXIT_FAILURE, _("%s: cannot read inotify events"),
				    filename);

		for (event = 0; event < length;) {
			struct inotify_event *ev =
				    (struct inotify_event *) &buf[event];

			if (ev->mask & IN_MODIFY)
				roll_file(filename, &size, out);
			else {
				close(wd);
				wd = -1;
				break;
			}
			event += sizeof(struct inotify_event) + ev->len;
		}
	}

	close(fd);
	return 0;
}
#endif /* HAVE_INOTIFY_INIT */

static FILE *dump(FILE *in, const char *filename, int follow, FILE *out)
{
	struct utmpx ut;

	if (follow)
		ignore_result( fseek(in, -10 * sizeof(ut), SEEK_END) );

	while (fread(&ut, sizeof(ut), 1, in) == 1)
		print_utline(&ut, out);

	if (!follow)
		return in;

#ifdef HAVE_INOTIFY_INIT
	if (follow_by_inotify(in, filename, out) == 0)
		return NULL;				/* file already closed */
	else
#endif
		/* fallback for systems without inotify or with non-free
		 * inotify instances */
		for (;;) {
			while (fread(&ut, sizeof(ut), 1, in) == 1)
				print_utline(&ut, out);
			sleep(1);
		}

	return in;
}


/* This function won't work properly if there's a ']' or a ' ' in the real
 * token.  Thankfully, this should never happen.  */
static int gettok(char *line, char *dest, int size, int eatspace)
{
	int bpos, epos, eaten;

	bpos = strchr(line, '[') - line;
	if (bpos < 0)
		errx(EXIT_FAILURE, _("Extraneous newline in file. Exiting."));

	line += 1 + bpos;
	epos = strchr(line, ']') - line;
	if (epos < 0)
		errx(EXIT_FAILURE, _("Extraneous newline in file. Exiting."));

	line[epos] = '\0';
	eaten = bpos + epos + 1;

	if (eatspace) {
		char *t;
		if ((t = strchr(line, ' ')))
			*t = 0;
	}
	strncpy(dest, line, size);

	return eaten + 1;
}

static void undump(FILE *in, FILE *out)
{
	struct utmpx ut;
	char s_addr[INET6_ADDRSTRLEN + 1], s_time[29], *linestart, *line;

	linestart = xmalloc(1024 * sizeof(*linestart));
	s_time[28] = 0;

	while (fgets(linestart, 1023, in)) {
		line = linestart;
		memset(&ut, '\0', sizeof(ut));
		sscanf(line, "[%hd] [%d] [%4c] ", &ut.ut_type, &ut.ut_pid, ut.ut_id);

		line += 19;
		line += gettok(line, ut.ut_user, sizeof(ut.ut_user), 1);
		line += gettok(line, ut.ut_line, sizeof(ut.ut_line), 1);
		line += gettok(line, ut.ut_host, sizeof(ut.ut_host), 1);
		line += gettok(line, s_addr, sizeof(s_addr) - 1, 1);
		gettok(line, s_time, sizeof(s_time) - 1, 0);
		if (strchr(s_addr, '.'))
			inet_pton(AF_INET, s_addr, &(ut.ut_addr_v6));
		else
			inet_pton(AF_INET6, s_addr, &(ut.ut_addr_v6));

		ut.ut_tv.tv_sec = strtotime(s_time);
		ut.ut_tv.tv_usec = strtousec(s_time);

		ignore_result( fwrite(&ut, sizeof(ut), 1, out) );
	}

	free(linestart);
}

static void __attribute__((__noreturn__)) usage(FILE *out)
{
	fputs(USAGE_HEADER, out);

	fprintf(out,
		_(" %s [options] [filename]\n"), program_invocation_short_name);

	fputs(USAGE_SEPARATOR, out);
	fputs(_("Dump UTMP and WTMP files in raw format.\n"), out);

	fputs(USAGE_OPTIONS, out);
	fputs(_(" -f, --follow         output appended data as the file grows\n"), out);
	fputs(_(" -r, --reverse        write back dumped data into utmp file\n"), out);
	fputs(_(" -o, --output <file>  write to file instead of standard output\n"), out);
	fputs(USAGE_HELP, out);
	fputs(USAGE_VERSION, out);

	fprintf(out, USAGE_MAN_TAIL("utmpdump(1)"));
	exit(out == stderr ? EXIT_FAILURE : EXIT_SUCCESS);
}

int main(int argc, char **argv)
{
	int c;
	FILE *in = NULL, *out = NULL;
	int reverse = 0, follow = 0;
	const char *filename = NULL;

	static const struct option longopts[] = {
		{ "follow",  no_argument,       NULL, 'f' },
		{ "reverse", no_argument,       NULL, 'r' },
		{ "output",  required_argument, NULL, 'o' },
		{ "help",    no_argument,       NULL, 'h' },
		{ "version", no_argument,       NULL, 'V' },
		{ NULL, 0, NULL, 0 }
	};

	setlocale(LC_ALL, "");
	bindtextdomain(PACKAGE, LOCALEDIR);
	textdomain(PACKAGE);
	atexit(close_stdout);

	while ((c = getopt_long(argc, argv, "fro:hV", longopts, NULL)) != -1) {
		switch (c) {
		case 'r':
			reverse = 1;
			break;

		case 'f':
			follow = 1;
			break;

		case 'o':
			out = fopen(optarg, "w");
			if (!out)
				err(EXIT_FAILURE, _("cannot open %s"),
				    optarg);
			break;

		case 'h':
			usage(stdout);
			break;
		case 'V':
			printf(UTIL_LINUX_VERSION);
			return EXIT_SUCCESS;
		default:
			errtryhelp(EXIT_FAILURE);
		}
	}

	if (!out)
		out = stdout;

	if (optind < argc) {
		filename = argv[optind];
		in = fopen(filename, "r");
		if (!in)
			err(EXIT_FAILURE, _("cannot open %s"), filename);
	} else {
		if (follow)
			errx(EXIT_FAILURE, _("following standard input is unsupported"));
		filename = "/dev/stdin";
		in = stdin;
	}

	if (reverse) {
		fprintf(stderr, _("Utmp undump of %s\n"), filename);
		undump(in, out);
	} else {
		fprintf(stderr, _("Utmp dump of %s\n"), filename);
		in = dump(in, filename, follow, out);
	}

	if (out != stdout && close_stream(out))
		err(EXIT_FAILURE, _("write failed"));

	if (in && in != stdin)
		fclose(in);

	return EXIT_SUCCESS;
}
Commit	Line	Data
78d5ceac	1	/*
fa9baa80	2	* utmpdump
78d5ceac	3	*
fa9baa80 KZ	4	* Simple program to dump UTMP and WTMP files in raw format, so they can be
fa9baa80 KZ	5	* examined.
78d5ceac	6	*
fa9baa80	7	* Based on utmpdump dump from sysvinit suite.
78d5ceac	8	*
fa9baa80	9	* Copyright (C) 1991-2000 Miquel van Smoorenburg <miquels@cistron.nl>
78d5ceac	10	*
fa9baa80 KZ	11	* Copyright (C) 1998 Danek Duvall <duvall@alumni.princeton.edu>
fa9baa80 KZ	12	* Copyright (C) 2012 Karel Zak <kzak@redhat.com>
78d5ceac	13	*
fa9baa80 KZ	14	* This program is free software; you can redistribute it and/or modify
	15	* it under the terms of the GNU General Public License as published by
	16	* the Free Software Foundation; either version 2 of the License, or
	17	* (at your option) any later version.
78d5ceac	18	*
fa9baa80 KZ	19	* This program is distributed in the hope that it will be useful,
	20	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	21	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	22	* GNU General Public License for more details.
78d5ceac	23	*
fa9baa80 KZ	24	* You should have received a copy of the GNU General Public License
	25	* along with this program; if not, write to the Free Software
	26	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
78d5ceac	27	*/
78d5ceac KZ	28	#include <stdio.h>
	29	#include <stdlib.h>
	30	#include <string.h>
b4b919fe	31	#include <utmpx.h>
78d5ceac KZ	32	#include <time.h>
78d5ceac KZ	33	#include <ctype.h>
9e15c93d	34	#include <getopt.h>
78d5ceac KZ	35	#include <unistd.h>
	36	#include <netinet/in.h>
	37	#include <arpa/inet.h>
7346f2b6 SK	38	#include <sys/stat.h>
	39	#ifdef HAVE_INOTIFY_INIT
	40	#include <sys/inotify.h>
	41	#endif
78d5ceac	42
23031b99 KZ	43	#include "c.h"
23031b99 KZ	44	#include "nls.h"
34f4d961	45	#include "xalloc.h"
23031b99	46	#include "closestream.h"
b72a75e9	47	#include "timeutils.h"
23031b99	48
34f4d961	49	static time_t strtotime(const char *s_time)
78d5ceac KZ	50	{
78d5ceac KZ	51	struct tm tm;
fa9baa80	52
78d5ceac KZ	53	memset(&tm, '\0', sizeof(struct tm));
	54
	55	if (s_time[0] == ' ' \|\| s_time[0] == '\0')
	56	return (time_t)0;
	57
1173d0a6 SK	58	if (isdigit(s_time[0])) {
	59	/* [1998-09-01T01:00:00,000000+00:00]
	60	* Subseconds are parsed with strtousec(). Timezone is
	61	* always UTC-0 */
	62	strptime(s_time, "%Y-%m-%dT%H:%M:%S", &tm);
	63	} else {
	64	/* [Tue Sep 01 00:00:00 1998 GMT] */
	65	strptime(s_time, "%a %b %d %T %Y", &tm);
	66	/* Cheesy way of checking for DST. This could be needed
	67	* with legacy dumps that used localtime(3). */
	68	if (s_time[26] == 'D')
	69	tm.tm_isdst = 1;
	70	}
3749bdce	71	return timegm(&tm);
78d5ceac KZ	72	}
78d5ceac KZ	73
1173d0a6 SK	74	static suseconds_t strtousec(const char *s_time)
	75	{
	76	const char *s = strchr(s_time, ',');
	77	if (s)
	78	return (suseconds_t) atoi(s + 1);
	79	return 0;
	80	}
1173d0a6	81
78d5ceac	82	#define cleanse(x) xcleanse(x, sizeof(x))
34f4d961	83	static void xcleanse(char *s, int len)
78d5ceac KZ	84	{
	85	for ( ; *s && len-- > 0; s++)
	86	if (!isprint(s) \|\| s == '[' \|\| *s == ']')
	87	*s = '?';
	88	}
	89
b4b919fe	90	static void print_utline(struct utmpx ut, FILE out)
78d5ceac	91	{
1173d0a6	92	const char *addr_string;
ee508c15	93	char buffer[INET6_ADDRSTRLEN];
1173d0a6 SK	94	char time_string[40];
1173d0a6 SK	95	struct timeval tv;
ee508c15	96
912a7077 KZ	97	if (ut->ut_addr_v6[1] \|\| ut->ut_addr_v6[2] \|\| ut->ut_addr_v6[3])
912a7077 KZ	98	addr_string = inet_ntop(AF_INET6, &(ut->ut_addr_v6), buffer, sizeof(buffer));
ee508c15	99	else
912a7077	100	addr_string = inet_ntop(AF_INET, &(ut->ut_addr_v6), buffer, sizeof(buffer));
78d5ceac	101
1173d0a6 SK	102	tv.tv_sec = ut->ut_tv.tv_sec;
	103	tv.tv_usec = ut->ut_tv.tv_usec;
	104
	105	if (strtimeval_iso(&tv,
	106	ISO_8601_DATE \| ISO_8601_TIME \| ISO_8601_COMMAUSEC \|
	107	ISO_8601_TIMEZONE \| ISO_8601_GMTIME, time_string,
	108	sizeof(time_string)) != 0)
	109	return;
912a7077 KZ	110	cleanse(ut->ut_id);
	111	cleanse(ut->ut_user);
	112	cleanse(ut->ut_line);
	113	cleanse(ut->ut_host);
78d5ceac	114
f718c2fc	115	/* type pid id user line host addr time */
1173d0a6	116	fprintf(out, "[%d] [%05d] [%-4.4s] [%-.s] [%-.s] [%-.s] [%-15s] [%s]\n",
f718c2fc RM	117	ut->ut_type, ut->ut_pid, ut->ut_id,
	118	8, (int)sizeof(ut->ut_user), ut->ut_user,
	119	12, (int)sizeof(ut->ut_line), ut->ut_line,
	120	20, (int)sizeof(ut->ut_host), ut->ut_host,
cd903a0e	121	addr_string, time_string);
78d5ceac KZ	122	}
78d5ceac KZ	123
7346f2b6 SK	124	#ifdef HAVE_INOTIFY_INIT
	125	#define EVENTS (IN_MODIFY\|IN_DELETE_SELF\|IN_MOVE_SELF\|IN_UNMOUNT)
	126	#define NEVENTS 4
	127
930954d8	128	static void roll_file(const char filename, off_t size, FILE *out)
78d5ceac	129	{
930954d8	130	FILE *in;
7346f2b6	131	struct stat st;
b4b919fe	132	struct utmpx ut;
7346f2b6	133	off_t pos;
78d5ceac	134
930954d8	135	if (!(in = fopen(filename, "r")))
289dcc90	136	err(EXIT_FAILURE, _("cannot open %s"), filename);
7346f2b6	137
930954d8	138	if (fstat(fileno(in), &st) == -1)
fc14ceba	139	err(EXIT_FAILURE, _("stat of %s failed"), filename);
7346f2b6	140
faebdd91 KZ	141	if (st.st_size == *size)
faebdd91 KZ	142	goto done;
78d5ceac	143
930954d8 SK	144	if (fseek(in, *size, SEEK_SET) != (off_t) -1) {
930954d8 SK	145	while (fread(&ut, sizeof(ut), 1, in) == 1)
912a7077	146	print_utline(&ut, out);
7346f2b6 SK	147	}
7346f2b6 SK	148
930954d8	149	pos = ftello(in);
7346f2b6 SK	150	/* If we've successfully read something, use the file position, this
	151	* avoids data duplication. If we read nothing or hit an error,
	152	* reset to the reported size, this handles truncated files.
	153	*/
	154	size = (pos != -1 && pos != size) ? pos : st.st_size;
	155
faebdd91	156	done:
930954d8	157	fclose(in);
7346f2b6 SK	158	}
7346f2b6 SK	159
930954d8	160	static int follow_by_inotify(FILE in, const char filename, FILE *out)
7346f2b6 SK	161	{
7346f2b6 SK	162	char buf[NEVENTS * sizeof(struct inotify_event)];
7346f2b6 SK	163	int fd, wd, event;
	164	ssize_t length;
	165	off_t size;
	166
	167	fd = inotify_init();
	168	if (fd == -1)
	169	return -1; /* probably reached any limit ... */
	170
930954d8 SK	171	size = ftello(in);
930954d8 SK	172	fclose(in);
7346f2b6 SK	173
	174	wd = inotify_add_watch(fd, filename, EVENTS);
	175	if (wd == -1)
	176	err(EXIT_FAILURE, _("%s: cannot add inotify watch."), filename);
	177
	178	while (wd >= 0) {
	179	errno = 0;
	180	length = read(fd, buf, sizeof(buf));
	181
	182	if (length < 0 && (errno == EINTR \|\| errno == EAGAIN))
	183	continue;
	184	if (length < 0)
	185	err(EXIT_FAILURE, _("%s: cannot read inotify events"),
	186	filename);
	187
	188	for (event = 0; event < length;) {
	189	struct inotify_event *ev =
	190	(struct inotify_event *) &buf[event];
	191
	192	if (ev->mask & IN_MODIFY)
930954d8	193	roll_file(filename, &size, out);
7346f2b6 SK	194	else {
	195	close(wd);
	196	wd = -1;
	197	break;
	198	}
	199	event += sizeof(struct inotify_event) + ev->len;
	200	}
	201	}
	202
	203	close(fd);
	204	return 0;
	205	}
	206	#endif /* HAVE_INOTIFY_INIT */
	207
930954d8	208	static FILE dump(FILE in, const char filename, int follow, FILE out)
7346f2b6	209	{
b4b919fe	210	struct utmpx ut;
7346f2b6 SK	211
7346f2b6 SK	212	if (follow)
85dd024d	213	ignore_result( fseek(in, -10 * sizeof(ut), SEEK_END) );
7346f2b6	214
930954d8	215	while (fread(&ut, sizeof(ut), 1, in) == 1)
912a7077	216	print_utline(&ut, out);
7346f2b6 SK	217
7346f2b6 SK	218	if (!follow)
930954d8	219	return in;
faebdd91	220
7346f2b6	221	#ifdef HAVE_INOTIFY_INIT
930954d8	222	if (follow_by_inotify(in, filename, out) == 0)
faebdd91 KZ	223	return NULL; /* file already closed */
faebdd91 KZ	224	else
7346f2b6 SK	225	#endif
	226	/* fallback for systems without inotify or with non-free
	227	* inotify instances */
	228	for (;;) {
930954d8	229	while (fread(&ut, sizeof(ut), 1, in) == 1)
912a7077	230	print_utline(&ut, out);
704bd903	231	sleep(1);
7346f2b6	232	}
faebdd91	233
930954d8	234	return in;
78d5ceac KZ	235	}
78d5ceac KZ	236
7346f2b6	237
78d5ceac KZ	238	/* This function won't work properly if there's a ']' or a ' ' in the real
78d5ceac KZ	239	* token. Thankfully, this should never happen. */
34f4d961	240	static int gettok(char line, char dest, int size, int eatspace)
78d5ceac KZ	241	{
78d5ceac KZ	242	int bpos, epos, eaten;
78d5ceac KZ	243
78d5ceac KZ	244	bpos = strchr(line, '[') - line;
704bd903 KZ	245	if (bpos < 0)
704bd903 KZ	246	errx(EXIT_FAILURE, _("Extraneous newline in file. Exiting."));
78d5ceac	247
704bd903	248	line += 1 + bpos;
78d5ceac	249	epos = strchr(line, ']') - line;
704bd903	250	if (epos < 0)
cd903a0e	251	errx(EXIT_FAILURE, _("Extraneous newline in file. Exiting."));
78d5ceac	252
704bd903	253	line[epos] = '\0';
78d5ceac KZ	254	eaten = bpos + epos + 1;
78d5ceac KZ	255
704bd903	256	if (eatspace) {
e31926b4	257	char *t;
cd903a0e SK	258	if ((t = strchr(line, ' ')))
cd903a0e SK	259	*t = 0;
704bd903	260	}
cd903a0e	261	strncpy(dest, line, size);
78d5ceac KZ	262
	263	return eaten + 1;
	264	}
	265
930954d8	266	static void undump(FILE in, FILE out)
78d5ceac	267	{
b4b919fe	268	struct utmpx ut;
ee508c15	269	char s_addr[INET6_ADDRSTRLEN + 1], s_time[29], linestart, line;
78d5ceac	270
ad20f0d8	271	linestart = xmalloc(1024 * sizeof(*linestart));
78d5ceac KZ	272	s_time[28] = 0;
78d5ceac KZ	273
930954d8	274	while (fgets(linestart, 1023, in)) {
78d5ceac	275	line = linestart;
cd903a0e SK	276	memset(&ut, '\0', sizeof(ut));
cd903a0e SK	277	sscanf(line, "[%hd] [%d] [%4c] ", &ut.ut_type, &ut.ut_pid, ut.ut_id);
78d5ceac KZ	278
78d5ceac KZ	279	line += 19;
cd903a0e SK	280	line += gettok(line, ut.ut_user, sizeof(ut.ut_user), 1);
	281	line += gettok(line, ut.ut_line, sizeof(ut.ut_line), 1);
	282	line += gettok(line, ut.ut_host, sizeof(ut.ut_host), 1);
	283	line += gettok(line, s_addr, sizeof(s_addr) - 1, 1);
ad20f0d8	284	gettok(line, s_time, sizeof(s_time) - 1, 0);
ee508c15 SK	285	if (strchr(s_addr, '.'))
	286	inet_pton(AF_INET, s_addr, &(ut.ut_addr_v6));
	287	else
	288	inet_pton(AF_INET6, s_addr, &(ut.ut_addr_v6));
55771f54	289
cfa7fe89	290	ut.ut_tv.tv_sec = strtotime(s_time);
1173d0a6	291	ut.ut_tv.tv_usec = strtousec(s_time);
55771f54	292
930954d8	293	ignore_result( fwrite(&ut, sizeof(ut), 1, out) );
78d5ceac KZ	294	}
	295
	296	free(linestart);
	297	}
	298
c8a6af07	299	static void __attribute__((__noreturn__)) usage(FILE *out)
78d5ceac	300	{
c8a6af07 KZ	301	fputs(USAGE_HEADER, out);
	302
	303	fprintf(out,
4810de91	304	_(" %s [options] [filename]\n"), program_invocation_short_name);
c8a6af07	305
451dbcfa BS	306	fputs(USAGE_SEPARATOR, out);
	307	fputs(_("Dump UTMP and WTMP files in raw format.\n"), out);
	308
c8a6af07	309	fputs(USAGE_OPTIONS, out);
930954d8 SK	310	fputs(_(" -f, --follow output appended data as the file grows\n"), out);
	311	fputs(_(" -r, --reverse write back dumped data into utmp file\n"), out);
	312	fputs(_(" -o, --output <file> write to file instead of standard output\n"), out);
400bc941 SK	313	fputs(USAGE_HELP, out);
400bc941 SK	314	fputs(USAGE_VERSION, out);
c8a6af07 KZ	315
	316	fprintf(out, USAGE_MAN_TAIL("utmpdump(1)"));
	317	exit(out == stderr ? EXIT_FAILURE : EXIT_SUCCESS);
78d5ceac KZ	318	}
	319
	320	int main(int argc, char **argv)
	321	{
	322	int c;
930954d8	323	FILE in = NULL, out = NULL;
faebdd91	324	int reverse = 0, follow = 0;
704bd903	325	const char *filename = NULL;
78d5ceac	326
9e15c93d	327	static const struct option longopts[] = {
87918040 SK	328	{ "follow", no_argument, NULL, 'f' },
	329	{ "reverse", no_argument, NULL, 'r' },
	330	{ "output", required_argument, NULL, 'o' },
	331	{ "help", no_argument, NULL, 'h' },
	332	{ "version", no_argument, NULL, 'V' },
	333	{ NULL, 0, NULL, 0 }
9e15c93d KZ	334	};
9e15c93d KZ	335
23031b99 KZ	336	setlocale(LC_ALL, "");
	337	bindtextdomain(PACKAGE, LOCALEDIR);
	338	textdomain(PACKAGE);
	339	atexit(close_stdout);
	340
930954d8	341	while ((c = getopt_long(argc, argv, "fro:hV", longopts, NULL)) != -1) {
78d5ceac KZ	342	switch (c) {
	343	case 'r':
	344	reverse = 1;
	345	break;
	346
	347	case 'f':
faebdd91	348	follow = 1;
78d5ceac KZ	349	break;
78d5ceac KZ	350
930954d8 SK	351	case 'o':
	352	out = fopen(optarg, "w");
	353	if (!out)
	354	err(EXIT_FAILURE, _("cannot open %s"),
	355	optarg);
	356	break;
	357
78d5ceac	358	case 'h':
c8a6af07	359	usage(stdout);
78d5ceac	360	break;
9e15c93d KZ	361	case 'V':
9e15c93d KZ	362	printf(UTIL_LINUX_VERSION);
c8a6af07	363	return EXIT_SUCCESS;
78d5ceac	364	default:
677ec86c	365	errtryhelp(EXIT_FAILURE);
78d5ceac KZ	366	}
	367	}
	368
930954d8 SK	369	if (!out)
	370	out = stdout;
	371
78d5ceac	372	if (optind < argc) {
704bd903	373	filename = argv[optind];
930954d8 SK	374	in = fopen(filename, "r");
930954d8 SK	375	if (!in)
289dcc90	376	err(EXIT_FAILURE, _("cannot open %s"), filename);
704bd903	377	} else {
faebdd91 KZ	378	if (follow)
faebdd91 KZ	379	errx(EXIT_FAILURE, _("following standard input is unsupported"));
5ec1ad13	380	filename = "/dev/stdin";
930954d8	381	in = stdin;
78d5ceac KZ	382	}
78d5ceac KZ	383
704bd903 KZ	384	if (reverse) {
704bd903 KZ	385	fprintf(stderr, _("Utmp undump of %s\n"), filename);
930954d8	386	undump(in, out);
704bd903 KZ	387	} else {
704bd903 KZ	388	fprintf(stderr, _("Utmp dump of %s\n"), filename);
930954d8	389	in = dump(in, filename, follow, out);
704bd903 KZ	390	}
704bd903 KZ	391
74ce680a SK	392	if (out != stdout && close_stream(out))
74ce680a SK	393	err(EXIT_FAILURE, _("write failed"));
930954d8 SK	394
	395	if (in && in != stdin)
	396	fclose(in);
78d5ceac	397
704bd903	398	return EXIT_SUCCESS;
78d5ceac	399	}