Bug#1110112: unblock: procps/2:4.0.4-8.1 (pre-approval)

To: 1110112@bugs.debian.org
Subject: Bug#1110112: unblock: procps/2:4.0.4-8.1 (pre-approval)
From: Andrew Bower <andrew@bower.uk>
Date: Wed, 30 Jul 2025 08:13:37 +0100
Message-id: <[🔎] aInGIWe-dQ1eoZfa@shenstone.ab8.net>
Reply-to: Andrew Bower <andrew@bower.uk>, 1110112@bugs.debian.org
In-reply-to: <[🔎] aIm2GdXrc9-WhFCk@shenstone.ab8.net>
References: <[🔎] aIm2GdXrc9-WhFCk@shenstone.ab8.net> <[🔎] aIm2GdXrc9-WhFCk@shenstone.ab8.net>

On Wed, Jul 30, 2025 at 07:05:13AM +0100, Andrew Bower wrote:
> [ Reason ]
> To fix RC bug #1108549, of which there are two parts:
> 
> 1. (severity: serious) w acts on the value of uninitialised memory if systemd
> not present. On some systems this leads to a segfault.
> 
> 2. (severity: important) w provides incomplete security audit information when
> run on a system using elogind (falls back to reading utmp instead of yielding
> the sessions recorded by elogind.)
> 
> The change in the new version replaces the decision tree for collecting session
> information, fixing both the above bugs together, although the first bug can
> also be fixed by a one-line change, which is included in a reworked version of
> an existing patch.

For ease of review, I attach a copy of the new debian patch as that is
easier to read than a double diff!

From: Andrew Bower <andrew@bower.uk>
Date: Sun, 27 Jul 2025 22:14:43 +0100
Bug-Debian: https://bugs.debian.org/1108549
Subject: w: Get sessions even if !sd_booted()

Use sd_get_sessions() to determine whether systemd-style session recording is
in use rather than checking for sd_booted(), but only fall back to reading utmp
if !sd_booted(). This allows sessions to be listed that have been recorded by
elogind.

---
 src/w.c | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/src/w.c b/src/w.c
index 01652ac..26805ef 100644
--- a/src/w.c
+++ b/src/w.c
@@ -964,6 +964,8 @@ void print_user_terminals(
 int main(int argc, char **argv)
 {
 	char *match_user = NULL, *p;
+	char **sessions_list;
+	int sessions;
 	utmp_t *u;
 	struct winsize win;
 	int ch;
@@ -1113,16 +1115,11 @@ int main(int argc, char **argv)
 
         if (term_mode) {
             print_user_terminals(longform, maxcmd, from, userlen, fromlen, ip_addresses, pids, info, pids_cache);
-        } else {
 #if (defined(WITH_SYSTEMD) || defined(WITH_ELOGIND)) && defined(HAVE_SD_SESSION_GET_LEADER)
-	char **sessions_list;
-	int sessions = 0;
-	if (sd_booted() > 0)
-		sessions = sd_get_sessions (&sessions_list);
-	if (sessions < 0 && sessions != -ENOENT)
+	} else if ((sessions = sd_get_sessions (&sessions_list))
+		    < 0 && sessions != -ENOENT) {
 		error(EXIT_FAILURE, -sessions, _("error getting sessions"));
-	if (sessions > 0) {
-		//int i;
+	} else if (sessions > 0) {
 		for (int i = 0; i < sessions; i++) {
 			char *class, *name;
 			int r;
@@ -1146,6 +1143,8 @@ int main(int argc, char **argv)
 			free(sessions_list[i]);
 		}
 		free(sessions_list);
+	} else if (!sd_booted()) {
+#else
 	} else {
 #endif
 #ifdef HAVE_UTMPX_H
@@ -1175,9 +1174,6 @@ int main(int argc, char **argv)
 	endutxent();
 #else
 	endutent();
-#endif
-#if (defined(WITH_SYSTEMD) || defined(WITH_ELOGIND)) && defined(HAVE_SD_SESSION_GET_LEADER)
-	}
 #endif
         }

Reply to:

References:
- Bug#1110112: unblock: procps/2:4.0.4-8.1 (pre-approval)
  - From: Andrew Bower <andrew@bower.uk>

Prev by Date: Bug#1110114: bookworm-pu: package mailgraph/1.14-20
Next by Date: Processed: retitle 1110114 to bookworm-pu: package mailgraph/1.14-20+deb12u1
Previous by thread: Processed: unblock: procps/2:4.0.4-8.1 (pre-approval)
Next by thread: Bug#1110112: unblock: procps/2:4.0.4-8.1 (pre-approval)
Index(es):
- Date
- Thread