/etc/pwcntl on the 3B1 (3.51)
Bruce Schlobohm
bms at mitisft.Convergent.COM
Fri Dec 9 15:42:06 AEST 1988
In article <5439 at cbmvax.UUCP>, ditto at cbmvax.UUCP (Michael "Ford" Ditto) writes:
>
> When I first looked at this file a long time ago, I was under the
> impression that it only recorded failed login attempts, but since it
> was definately modified when I logged in just now, I guess I was
> wrong. It definitely does record unsuccessful attempts, though;
> even unknown login names.
> [...]
> Has anyone ever seen this file on anything other than a Unix PC?
> Anyone with further observations/conclusions, please post!
Info on pwcntl as I see it:
struct pwrec {
char logon[8]; /* user name from login arg1 */
int uid; /* uid from /etc/passwd */
char expert; /* Y/N flag for expert mode */
char flg; /* unused (pad) */
time_t timeon; /* time of most recent login */
time_t timecr; /* time of first login */
long space; /* disk space used in blocks,
* only used in Ulogin after Compute Space
* has been selected.
*/
};
login writes records, Ulogin reads them and updates the expert flag,
upon request, but never writes the disk space info back to the file.
The information you see in the menu "User Login Interface" (Ulogin),
comes from pwcntl. In my brief search, I didn't find any other programs
which use of the file, and this is definitely not a feature from CTIX.
The purpose of the file seems to be the groundwork for the ua to control
who can be an "expert", but this feature doesn't seem to be fully implemented,
at least not on my UNIXPC. (Changing Expert= in ~/Environment seems to be
all that ua needs to turn on/off Expert Mode.)
As far as failed logins, this seems to be more of a quirk than an feature.
If you type a nonexistent login name at getty, hit return for the password,
then log in with a valid login name/passwd, a record is written with
the nonexistent login name, as though it were a valid (new) user. However,
if you fail the login completely, and let login timeout (60 seconds),
no record is written to pwcntl. So this isn't a reliable way of tracking
failed login attempts.
--
Bruce Schlobohm
bms at Convergent.COM -or- {pyramid,sri-unix,pacbell}!ctnews!bms
More information about the Unix-pc.general
mailing list