Is updating utmp when logging in a user a requirement in Debian?

To: debian-devel@lists.debian.org
Subject: Is updating utmp when logging in a user a requirement in Debian?
From: Petter Reinholdtsen <pere@hungry.com>
Date: Sat, 29 Jun 2013 09:36:15 +0200
Message-id: <[🔎] 2fl61wxqsgg.fsf@diskless.uio.no>

Hi.

Traditionally, on Unix like systems, it is possible to run the 'w' and
'who' command to see all logged in users and ttys currently in used on
the system.  These commands look in /var/run/utmp to figure out what
users are logged in, and depend on login managers (like login, gdm, etc)
and terminal emulators to update the utmp file at the start and end of a
session.  In addition, the /var/log/wtmp file is used to record a
history of sessions, accessable using the 'last' command.

I believe it is a requirement in Debian to keep the files utmp and wtmp
up to date, and that any program should be able to depend on the content
of these files.  Example of packages depending on correct utmp
information is sysvinit (the shutdown program broadcast a message to all
logged in users), acpi-support-base (will lock the screen with the
console user's password for hibernation) and killer (kill processes of
users without active console sessions).

But my view is not shared by everyone, as for example can be seen in
<URL: http://bugs.debian.org/648604 >, where the maintainer of lightdm
believe correctly updated utmp information is nice to have but not a
requirement.  It is not the first time I meet this view, so he is not
the only one believing utmp and wtmp are not really no longer important
pieces of a Unix like system.

The debian policy manual have this to say about utmp and wtmp:

  11.3 Using pseudo-ttys and modifying wtmp, utmp and lastlog

  Some programs need to create pseudo-ttys. This should be done using
  Unix98 ptys if the C library supports it. The resulting program must
  not be installed setuid root, unless that is required for other
  functionality.

  The files /var/run/utmp, /var/log/wtmp and /var/log/lastlog must be
  installed writable by group utmp. Programs which need to modify those
  files must be installed setgid utmp.

But it do not state that programs should update it, nor when it should
happen.  Perhaps it should be extended to make that more clear?

So my question to my fellow debian developers is simply this: Is correct
updating of utmp and wtmp a requirement in debian, or just nice to have?
Is it a wishlist bug to fix it, or a release critical problem?

There are related mechanism like consolekit in place in Debian that can
provide a list of currently logged in users, so the question is also if
it is enough to only update consolekit, or if utmp must be updated too.

-- 
Happy hacking
Petter Reinholdtsen

Reply to:

Prev by Date: Re: Reporting 1.2K crashes
Next by Date: Re: Anonymous svn does not work any more
Previous by thread: Bug#714412: ITP: python-pytest-instafail -- py.test plugin to show failures instantly
Next by thread: Bug#714449: ITP: droopy -- mini web server to let others upload files to your computer
Index(es):
- Date
- Thread