Adding logging of SSH_ORIGINAL_COMMAND to nologin.

If SSH_ORIGINAL_COMMAND is set, it will be added to the syslog entry. Closes #123. Changelog: (SEH squashed commit): Fixing indentation Changelog: (SEH) break up long line
2019-12-26 13:17:11 +00:00 · 2019-12-26 13:17:11 +00:00 · 4c9ec2f5a4
commit 4c9ec2f5a4
parent d7add53f06
2 changed files with 9 additions and 1 deletions
--- a/man/nologin.8.xml
+++ b/man/nologin.8.xml
@ -72,6 +72,9 @@
      <citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum>
      </citerefentry>.
    </para>
+    <para>
+      If <command>SSH_ORIGINAL_COMMAND</command> is populated it will be logged.
+    </para>
  </refsect1>

  <refsect1 id='see_also'>
--- a/src/nologin.c
+++ b/src/nologin.c
@ -45,9 +45,14 @@ int main (void)
 	if (NULL == user) {
 		user = "UNKNOWN";
 	}
+
+	char *ssh_origcmd = getenv("SSH_ORIGINAL_COMMAND");
 	uid = getuid (); /* getuid() is always successful */
 	openlog ("nologin", LOG_CONS, LOG_AUTH);
-	syslog (LOG_CRIT, "Attempted login by %s (UID: %d) on %s", user, uid, tty);
+	syslog (LOG_CRIT, "Attempted login by %s (UID: %d) on %s%s%s",
+	        user, uid, tty,
+		(ssh_origcmd ? " SSH_ORIGINAL_COMMAND=" : ""),
+		(ssh_origcmd ? ssh_origcmd : ""));
 	closelog ();

 	printf ("%s", "This account is currently not available.\n");