Re: Compiling HostSentry

To: Debian Security List <debian-security@lists.debian.org>
Subject: Re: Compiling HostSentry
From: Gregoire Welraeds <gregoire@welraeds.be>
Date: Tue, 26 Jun 2001 01:11:47 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.10.10106260044080.444-100000@lanfeust.welraeds.be>
In-reply-to: <[🔎] 3B35A4C7.D6B660AE@telusplanet.net>

According to man utmp on potato I386, PII:

> # a) Size of utmp record (sizeof(struct utmp)) for your host.
384
> # b) Offset to tty field from beginning of record.
6
> # c) Length of tty field.
32
> # d) Offset to username field from beginning of record.
42
> # e) Length of username field.
32
> # f) Offset to hostname field from beginning of record.
74
> # g) Length of hostname field.
256

If you have the same config as me, then, I think you can use these values.
Otherwise, you just have to write some C code to get the right answer. Like in:

<quote>

#include <utmp.h>

int main()
{
	printf("size of utmp struct: %d\n", sizeof(struct utmp));
	printf("size of ut_type: %d\n", sizeof(short));
	printf("size of pid_t: %d\n", sizeof(pid_t));
	printf("offset of tty name: %d\n", sizeof(pid_t)+ sizeof(short));
	printf("size of tty name: %d\n", UT_LINESIZE);
	printf("offset of username: 
	return 0;
}

</quote>

<signature>
	Grégoire Welraeds
	<gregoire (at) welraeds (dot) be>
</signature>

On Sun, 24 Jun 2001, Stefan Srdic wrote:

> Hey, I've compiled and installed HostSentry on my Patato box. I
> installed it under the /etc/hostsentry directory. I was editing the
> configuration file and got stumped over a setting.
> 
> HostSentry needs to know the format of wtmp.
> 
> Here's a snip from the conf file:
> 
> # The basic things needed are:
> #
> # a) Size of utmp record (sizeof(struct utmp)) for your host.
> # b) Offset to tty field from beginning of record.
> # c) Length of tty field.
> # d) Offset to username field from beginning of record.
> # e) Length of username field.
> # f) Offset to hostname field from beginning of record.
> # g) Length of hostname field.
> #
> # The format is formed like this:
> #
> #
> utmpRecordLength/ttyOffset:ttyLen/usernameOffset:usernameLen/hostnameOffset:hostnameLen
> 
> #
> # For example on RedHat:
> #
> # utmp record size is: 384 bytes
> # tty entry offset is: 8 bytes
> # tty entry size from offset is: 32 bytes
> # username entry offet is: 44 bytes
> # username entry size from offset is: 32 bytes
> # hostname entry offset is: 76 bytes
> # hostname entry size from offset: 256 bytes
> #
> # This would be formed as "384/8:32/44:32/76:256"
> #
> # NOTE: All of this garbage will hopefully go away on a future update
> when
> # I wrap native getutent() functions for Python.
> #
> # RedHat
> WTMP_FORMAT = "384/8:32/44:32/76:256"
> # Slackware
> #WTMP_FORMAT = "56/8:12/28:8/36:16"
> # BSD variants
> #WTMP_FORMAT = "36/0:8/8:8/16:16"
> 
> Where can I find this information? I've compiled this program before on
> Mandrake. The configuration was easy since I only had to follow the
> RedHat settings.
> 
> I would like to get this program up and running. I want to learn how it
> works and then attemp to compile it into a deb package for unstable.
> 
> I have this idea that if we can get logcheck, portsentry and hostsentry
> all compiled into deb packes that we could create an apt- script that
> would install the Abacus project all in one shot. It would very usefull
> for Debian sysadmins, and all apps could be launched via the same rc
> script.
> 
> I would like to hear some of your awnsers and opinions please :-D
> 
> Stef
> 
> 
> 
> --  
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
>

Reply to:

Follow-Ups:
- Re: Compiling HostSentry
  - From: Benoît Sibaud <benoit.sibaud@rd.francetelecom.fr>

References:
- Compiling HostSentry
  - From: Stefan Srdic <linuxbox@telusplanet.net>

Prev by Date: Re: How to route
Next by Date: ProFtpd question
Previous by thread: Re: Compiling HostSentry
Next by thread: Re: Compiling HostSentry
Index(es):
- Date
- Thread