Lookout.c watches utmp and executes a specified command when a certain user logs in.
166042e8d3d6caa0c2f7106191e596206f645e94fc36c5f2b2fa7e29bbaa1aba/*
lookout.c v0.1 from intrusive - (intrusive@portalofevil.com) -
checks to see if anyone new has logged in and executes a command
(or command string) when the specified user logs in or just
notifies you of their presence with a beep.
<command(s)> is either a shell-script or a quote(") encapsulated
string containing a ';' or '&&' seperated list of commands to be
run via a single call to system() when <username> logs in.
if "any" is given for username, notification will be delivered and
any commands specified will be executed upon the login of any user"
because utmp seems to round the login time to the minute, the login
or logout of any user will cause the program to interpret it as
<username> logging in IF <username> is already present in utmp AND
less than approx one minute has elapsed between the time when
<username> was recorded in the file and the time that any user has
logged in/out.
December 8, 2002
*/
#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include <utmp.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <signal.h>
main(int argc, char **argv)
{
FILE *fptr;
struct stat stbuf;
struct utmp ubuff;
time_t lastacc, logt;
int r, x = 0;
char buff[sizeof(struct utmp)];
if((argc != 4) && (argc != 2))
{
fprintf(stderr, "usage: %s <username> [-e <command(s)>]\n\n", argv[0]);
exit(1);
}
if(argc == 4)
{
if(!strncmp(argv[2], "-e", strlen(argv[2])) == 0)
{
fprintf(stderr, "usage: %s <username> [-e <command(s)>]\n\n", argv[0]);
exit(1);
}
else
x = 1;
}
if((argc > 2) && (strlen(argv[1]) > 32))
{
fprintf(stderr, "login names must be 32 characters or less.\n");
exit(1);
}
if(stat("/var/run/utmp", &stbuf) == -1)
{
fprintf(stderr, "error getting file stats\n");
exit(1);
}
if((r = fork()) == -1)
{
fprintf(stderr, "error with fork()\n");
exit(1);
}
if(r > 0)
exit(0);
lastacc = stbuf.st_mtime;
while(1)
{
sleep(1);
if(stat("/var/run/utmp", &stbuf) == -1)
{
fprintf(stderr, "error getting file stats\n");
exit(1);
}
if(lastacc < stbuf.st_mtime)
{
if((fptr = fopen("/var/run/utmp", "r")) == NULL)
{
fprintf(stderr, "error opening utmp\n");
exit(1);
}
while(fread(&ubuff, 1, sizeof(struct utmp), fptr))
{
if((strncmp(ubuff.ut_name, argv[1], strlen(argv[1])) == 0) && (ubuff.ut_time >= lastacc))
{
printf("\a");
fprintf(stdout, "%s logged in\n", ubuff.ut_name);
if(x == 1)
system(argv[3]);
exit(0);
}
if((strncmp(argv[1], "any", 3) == 0) && (ubuff.ut_time >= lastacc))
if(!strstr(ubuff.ut_name, "LOGIN"))
{
printf("\a");
fprintf(stdout, "%s just logged in\n", ubuff.ut_name);
if(x == 1)
system(argv[3]);
exit(0);
}
}
rewind(fptr);
lastacc = stbuf.st_mtime;
fclose(fptr);
}
}
}
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed