[continued from previous message]
--- wtmpdb-0.73.0/debian/README.Debian 2025-05-04 18:39:33.000000000 +0100
+++ wtmpdb-0.75.0/debian/README.Debian 2025-10-11 23:26:05.000000000 +0100
@@ -2,16 +2,18 @@
----------------
In Debian 13 "trixie", login and reboot records are recorded by the
'wtmpdb'
-solution in an sqlite3 database file. This document identifies differences
in
-behaviour since earlier Debian releases that may require action by system
-administators.
+solution in an sqlite3 database file, which can represent a larger ranger
of
+times. This document identifies differences in behaviour since earlier
Debian
+releases that may require action by system administators.
Log location
------------
-The datafile for the login and reboot records is stored in the tool's state
-directory '/var/lib/wtmpdb' instead of the system log directory '/var/log'.
+The datafile for the login and reboot records is stored in the system log
+directory '/var/log' instead of the tool's state directory
'/var/lib/wtmpdb'
as
+defined upstream via /usr/include/wtmpdb.h. On Debian /var/lib/wtmpdb/wtmp.
db
+should be a symbolic link to /var/log/wtmp.db.
Logging SSH sessions
@@ -41,36 +43,23 @@
If old rotated log files like /var/log/wtmp.1 are present, these can be
manually converted with the 'wtmpdb import' command (specify '-f' if these
are
-to be written to another file for archival rather than to the current login
-database). On default configurations, there are unlikely to be any older
+to be written to another file for archiving rather than merged into the
current
+login database). On default configurations, there are unlikely to be any
older
rotated files such as wtmp.2.gz but if there are, these can be uncompressed
with gzip before being imported.
+Note that automatic import of old records will not happen if the new
database
+file gets populated before the wtmpdb package is installed, which can
happen
if
+ssh or console logins are recorded after the system upgrade but before the
+wtmpdb package is installed. In this case the old file can be imported
manually
+as described above.
+
Log rotation and pruning
------------------------
-Logs can be rotated by the 'wtmpdb rotate' command. A systemd timer unit
-is installed to do this on a monthly basis; however, this timer is not
-enabled by default because of its limitations:
-
- 1. The rotated files are dated by the latest rotated entry in the form
- wtmp_YYYYMMDD.db, rather than numerically like wtmp.1[.gz].
-
- 2. The rotated files are saved alongside the live database in /var/lib,
- contrary to what might be expected under the FHS 3.0 followed by
Debian.
-
- 3. Rotated files are NOT pruned [1], as they would be by logrotate(8).
- If you need to prune old logs then this will require custom scripts as
- logrotate cannot be configured to achieve this.
-
-Use 'systemctl enable wtmpdb-rotate.timer' to enable rotation.
-
-Users needing to remove old login records for regulatory purposes will
need to
-implement a pruning function in addition to rotating the database.
logrotate(8)
-may be suitable for this purpose instead of the installed systemd timer.
-
-[1] https://bugs.debian.org/1094965
+Logs are rotated and pruned by logrotate(8). The rotation and retention
+periods may be inspected and modified in /etc/logrotate.d/wtmpdb
- -- Andrew Bower Sun, 4 May 2025 18:10:00 +0100
+ -- Andrew Bower Sat, 04 Oct 2025 09:46:09 +0100
diff -Nru wtmpdb-0.73.0/debian/rules wtmpdb-0.75.0/debian/rules
--- wtmpdb-0.73.0/debian/rules 2025-05-04 18:39:33.000000000 +0100
+++ wtmpdb-0.75.0/debian/rules 2025-10-11 15:00:41.000000000 +0100
@@ -18,12 +18,15 @@
# 1. Do not add a boot entry on installation because most likely we are
# either not running in the target system or we have migrated the wtmp
# boot entry and in all cases we did not just boot up.
-# 2. Do not enable the rotation service because it provides no benefit:
the
-# rotated logs are not pruned, they simply become harder to
interrogate.
+# 2. Do not install the rotation service because log rotation is handled
+# by logrotate(8) and the competing (half) solution would be especially
+# harmful if boith methods were enabled by misconfiguration.
override_dh_installsystemd:
dh_installsystemd -pwtmpdb --no-start --no-stop-on-upgrade wtm
db-update-boot.service
- dh_installsystemd -pwtmpdb --no-enable wtmpdb-rotate.timer
dh_installsystemd -Nwtmpdb
override_dh_installinit:
dh_installinit --name=wtmpdb-update-boot --no-start --no-stop-on-upgrade
+
+override_dh_installlogrotate:
+ dh_installlogrotate --name=wtmpdb
diff -Nru wtmpdb-0.73.0/debian/wtmpdb.conffiles wtmpdb-0.75.0/de
ian/wtmpdb.conffiles
--- wtmpdb-0.73.0/debian/wtmpdb.conffiles 1970-01-01 01:00:00.000000000
+0100
+++ wtmpdb-0.75.0/debian/wtmpdb.conffiles 2025-10-11 15:00:41.000000000
+0100
@@ -0,0 +1 @@
+remove-on-upgrade /etc/cron.monthly/wtmpdb
diff -Nru wtmpdb-0.73.0/debian/wtmpdb.install wtmpdb-0.75.0/debi
n/wtmpdb.install
--- wtmpdb-0.73.0/debian/wtmpdb.install 2025-05-04 18:39:33.000000000 +0100
+++ wtmpdb-0.75.0/debian/wtmpdb.install 2025-10-11 15:00:41.000000000 +0100
@@ -1,6 +1,4 @@
usr/bin/wtmpdb
-usr/lib/systemd/system/wtmpdb-rotate.service
-usr/lib/systemd/system/wtmpdb-rotate.timer
usr/lib/systemd/system/wtmpdb-update-boot.service
usr/lib/tmpfiles.d/wtmpdb.conf
usr/share/man/man8/wtmpdb.8
diff -Nru wtmpdb-0.73.0/debian/wtmpdb.postinst wtmpdb-0.75.0/deb
an/wtmpdb.postinst
--- wtmpdb-0.73.0/debian/wtmpdb.postinst 2025-05-04 18:39:33.000000000 +0100
+++ wtmpdb-0.75.0/debian/wtmpdb.postinst 2025-10-11 15:00:41.000000000 +0100
@@ -11,7 +11,7 @@
fi
old_log="${DPKG_ROOT:-}/var/log/wtmp"
-new_log="${DPKG_ROOT:-}/var/lib/wtmpdb/wtmp.db"
+new_log="${DPKG_ROOT:-}/var/log/wtmp.db"
tmp_log="$new_log.import-tmp"
# If wtmp logs are present on first installation, import them.
diff -Nru wtmpdb-0.73.0/lib/sqlite.c wtmpdb-0.75.0/lib/sqlite.c
--- wtmpdb-0.73.0/lib/sqlite.c 2025-04-08 14:18:16.000000000 +0100
+++ wtmpdb-0.75.0/lib/sqlite.c 2025-10-09 14:18:36.000000000 +0100
@@ -61,16 +61,41 @@
}
}
+/* Creates the table if it does not exist.
+ * Returns 0 on success, -1 on failure. */
+static int64_t
+create_table (sqlite3 *db, char **error)
+{
+ char *err_msg = NULL;
+ char *sql_table = "CREATE TABLE IF NOT EXISTS wtmp(ID INTEGER PRIMARY
KEY,
Type INTEGER, User TEXT NOT NULL, Login INTEGER, Logout INTEGER, TTY TEXT,
RemoteHost TEXT, Service TEXT) STRICT;";
+
+ if (sqlite3_exec (db, sql_table, 0, 0, &err_msg) != SQLITE_OK)
+ {
+ if (error)
+ if (asprintf (error, "SQL error creating table: %s", err_msg) < 0)
+ *error = strdup ("create_table: Out of memory");
+ sqlite3_free (err_msg);
+
+ return -1;
+ }
+ return 0;
+}
+
static int
open_database_ro (const char *path, sqlite3 **db, char **error)
{
+ struct stat statbuf;
+ int empty_file;
int r;
- r = sqlite3_open_v2 (path, db, SQLITE_OPEN_READONLY, NULL);
+ empty_file = stat(path, &statbuf) == 0 && statbuf.st_size == 0;
+ r = sqlite3_open_v2 (path, db, empty_file ?
+ SQLITE_OPEN_READWRITE | SQLITE_OPEN_MEMORY :
+ SQLITE_OPEN_READONLY, NULL);
if (r != SQLITE_OK)
{
if (error)
- if (asprintf(error, "open_database_ro: Cannot open database (%s): %s",
+ if (asprintf(error, "Cannot open database (%s) read-only: %s",
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
|
