From: Karel Zak Date: Fri, 11 Jan 2019 11:16:00 +0000 (+0100) Subject: login: add support for login.defs(5) LASTLOG_UID_MAX X-Git-Tag: v2.34-rc1~162 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1a83c00d888fad89f09c4acf2033790d5dcae48e;p=thirdparty%2Futil-linux.git login: add support for login.defs(5) LASTLOG_UID_MAX This new variable allows to keep lastlog file small and filter out things like huge nfsnobody UIDs. The variable is also supported by shadow-utils (adduser, etc.). Addresses: https://github.com/shadow-maint/shadow/pull/142/ Signed-off-by: Karel Zak --- diff --git a/login-utils/login.1 b/login-utils/login.1 index b73eae147e..084f6c90ac 100644 --- a/login-utils/login.1 +++ b/login-utils/login.1 @@ -256,6 +256,17 @@ to change directory to her home. The default value is .IR yes . .RE .PP +.B LASTLOG_UID_MAX +(unsigned number) +.RS 4 +Highest user ID number for which the lastlog entries should be +updated. As higher user IDs are usually tracked by remote user +identity and authentication services there is no need to create +a huge sparse lastlog file for them. No LASTLOG_UID_MAX option +present in the configuration means that there is no user ID limit +for writing lastlog entries. +.RE +.PP .B LOG_UNKFAIL_ENAB (boolean) .RS 4 diff --git a/login-utils/login.c b/login-utils/login.c index 23b62b8d04..ab819f16ff 100644 --- a/login-utils/login.c +++ b/login-utils/login.c @@ -503,6 +503,9 @@ static void log_lastlog(struct login_context *cxt) if (!cxt->pwd) return; + if (cxt->pwd->pw_uid > (uid_t) getlogindefs_num("LASTLOG_UID_MAX", ULONG_MAX)) + return; + /* lastlog is huge on systems with large UIDs, ignore SIGXFSZ */ memset(&sa, 0, sizeof(sa)); sa.sa_handler = SIG_IGN;