2 # Functions for reading linux format last output
5 # Returns 0 for old-style passwords (/etc/passwd only), 1 for FreeBSD-style
6 # (/etc/master.passwd) and 2 for SysV (/etc/passwd & /etc/shadow)
9 return &password_file($config{'shadow_file'}) ? 2 : 0;
13 # Returns 0 for normal group file (/etc/group only) and 2 for shadowed
14 # (/etc/group and /etc/gshadow)
17 return &password_file($config{'gshadow_file'}) ? 2 : 0;
20 # open_last_command(handle, user)
23 local ($fh, $user) = @_;
24 open($fh, "last $user |");
27 # read_last_line(handle)
28 # Parses a line of output from last into an array of
29 # user, tty, host, login, logout, period
35 if (!$line) { return (); }
36 if ($line =~ /system boot/) { next; }
37 if ($line =~ /^(\S+)\s+(\S+)\s+(\S+)?\s+(\S+\s+\S+\s+\d+\s+\d+:\d+)\s+\-\s+(\S+)\s+\((\d+:\d+)\)/) {
38 return ($1, $2, $3, $4, $5 eq "down" ? "Shutdown" : $5, $6);
40 elsif ($line =~ /^(\S+)\s+(\S+)\s+(\S+)?\s+(\S+\s+\S+\s+\d+\s+\d+:\d+)\s+still/) {
41 return ($1, $2, $3, $4);
46 # os_most_recent_logins()
47 # Returns hash ref from username to the most recent login as time string
48 sub os_most_recent_logins
52 open(LASTLOG, "lastlog |");
57 if (/((\S+)\s+(\S+)\s+\d+\s+(\d+):(\d+):(\d+)\s+([\-\+]\d+)\s+(\d+))/) {
58 # Have a date to parse
72 # Returns a list of hashes containing details of logged-in users
78 if (/^(\S+)\s+(\S+)\s+(\S+\s+\d+\s+\d+:\d+)\s+(\((\S+)\))?/) {
79 push(@rv, { 'user' => $1, 'tty' => $2,
80 'when' => $3, 'from' => $5 });
88 # Returns 1 if pam is set up to use MD5 encryption, 2 for blowfish, 3 for SHA512
91 if (defined($use_md5_cache)) {
92 # Don't re-look this up
93 return $use_md5_cache;
96 if (&foreign_check("pam")) {
97 # Use the PAM module if we can
98 &foreign_require("pam", "pam-lib.pl");
99 local @conf = &foreign_call("pam", "get_pam_config");
100 local ($svc) = grep { $_->{'name'} eq 'passwd' } @conf;
102 foreach my $m (@{$svc->{'mods'}}) {
103 if ($m->{'type'} eq 'password') {
104 if ($m->{'args'} =~ /md5/) {
107 elsif ($m->{'args'} =~ /sha512/) {
110 elsif ($m->{'args'} =~ /blowfish/) {
113 elsif ($m->{'module'} =~ /pam_stack\.so/ &&
114 $m->{'args'} =~ /service=(\S+)/) {
115 # Referred to another service!
116 ($svc) = grep { $_->{'name'} eq $1 } @conf;
117 if ($svc) { goto LOOP }
120 elsif ($m->{'control'} eq 'include') {
121 # Include another section
122 ($svc) = grep { $_->{'name'} eq $m->{'module'} }
124 if ($svc) { goto LOOP }
128 elsif ($m->{'include'}) {
129 # Include another section, with @ syntax
130 ($svc) = grep { $_->{'name'} eq $m->{'include'} } @conf;
131 if ($svc) { goto LOOP }
136 if (!$md5 && &open_readfile(PAM, "/etc/pam.d/passwd")) {
137 # Otherwise try to check the PAM file directly
140 if (/^password.*md5/) { $md5 = 1; }
141 elsif (/^password.*blowfish/) { $md5 = 2; }
142 elsif (/^password.*sha512/) { $md5 = 3; }
146 if (!$md5 && (&open_readfile(PAM, "/etc/pam.d/common-password") ||
147 &open_readfile(PAM, "/etc/pam.d/system-auth"))) {
148 # Then try reading common password config file
151 if (/^password.*md5/) { $md5 = 1; }
152 elsif (/^password.*blowfish/) { $md5 = 2; }
153 elsif (/^password.*sha512/) { $md5 = 3; }
157 if (&open_readfile(DEFS, "/etc/login.defs")) {
158 # The login.defs file is used on debian sometimes
161 $md5 = 1 if (/MD5_CRYPT_ENAB\s+yes/i);
165 $use_md5_cache = $md5;