From Fedora Project Wiki
< Changes
| Line 38: | Line 38: | ||
== Detailed Description == | == Detailed Description == | ||
The utmp/utmpx login database provides a list of login sessions | The utmp/utmpx login database provides a list of login sessions. Both currently active | ||
* The initial motivation to replace the utmp database was that it stored its time stamps in 32-bit values, even on 64-bit systems. This has since been worked around by [https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/K66JCZWKOFF7AIMLTYJVQGO3RGZZ6IYQ/ a switch to unsigned time stamps], extending the possible lifetime of the file format well beyond the year 2038. | * The initial motivation to replace the utmp database was that it stored its time stamps in 32-bit values, even on 64-bit systems. This has since been worked around by [https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/K66JCZWKOFF7AIMLTYJVQGO3RGZZ6IYQ/ a switch to unsigned time stamps], extending the possible lifetime of the file format well beyond the year 2038. | ||
* The file formats were designed to support systems with a fixed, small number of terminal lines. Today's systems either have only one concurrent user at the graphical console, or a potential unbounded number of pseudo-terminal sessions (or other kind of active services). | * The file formats were designed to support systems with a fixed, small number of terminal lines. Today's systems either have only one concurrent user at the graphical console, or a potential unbounded number of pseudo-terminal sessions (or other kind of active services). | ||
* Some server components try to use client IP addresses as terminal line identifiers with the utmp database. This can easily lead to thousands and more entries, something that the file format cannot handle effectively. | * Some server components try to use client IP addresses as terminal line identifiers with the utmp database. This can easily lead to thousands and more entries, something that the file format cannot handle effectively. | ||
* The file-based interface uses locking in such a way that [https://sourceware.org/bugzilla/show_bug.cgi?id=24492 unprivileged users can block privileged system services]. Linux does not provide kernel support for atomic read/write operations on regular files. A separate daemon is required to fix this issue. | |||
== Feedback == | == Feedback == | ||
Latest revision as of 13:03, 28 August 2024
Removal of the utmp login database from glibc
This is a proposed Change for Fedora Linux.
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.
Summary
Upstream glibc is going to remove support for the historic utmp login database. This will need adjustment to a few Fedora packages that use it.
Owner
- Name: FlorianWeimer
- Email: fweimer@redhat.com
Current status
- Targeted release: Fedora Linux 42
- Last updated: 2024-08-28
- [Announced]
- [<will be assigned by the Wrangler> Discussion thread]
- FESCo issue: <will be assigned by the Wrangler>
- Tracker bug: <will be assigned by the Wrangler>
- Release notes tracker: <will be assigned by the Wrangler>
Detailed Description
The utmp/utmpx login database provides a list of login sessions. Both currently active
- The initial motivation to replace the utmp database was that it stored its time stamps in 32-bit values, even on 64-bit systems. This has since been worked around by a switch to unsigned time stamps, extending the possible lifetime of the file format well beyond the year 2038.
- The file formats were designed to support systems with a fixed, small number of terminal lines. Today's systems either have only one concurrent user at the graphical console, or a potential unbounded number of pseudo-terminal sessions (or other kind of active services).
- Some server components try to use client IP addresses as terminal line identifiers with the utmp database. This can easily lead to thousands and more entries, something that the file format cannot handle effectively.
- The file-based interface uses locking in such a way that unprivileged users can block privileged system services. Linux does not provide kernel support for atomic read/write operations on regular files. A separate daemon is required to fix this issue.
Feedback
Benefit to Fedora
The bugs resulting from the use of the utmp database are fixed. Fedora does not need to maintain a downstream patch to reintroduce the problematic interfaces.
Scope
- Proposal owners:
- Other developers:
- Release engineering: #Releng issue number
- Policies and guidelines: N/A (not needed for this Change)
- Trademark approval: N/A (not needed for this Change)
- Alignment with the Fedora Strategy:
Upgrade/compatibility impact
Early Testing (Optional)
Do you require 'QA Blueprint' support? Y/N
How To Test
User Experience
Dependencies
Contingency Plan
- Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
- Contingency deadline: N/A (not a System Wide Change)
- Blocks release? N/A (not a System Wide Change), Yes/No
Documentation
N/A (not a System Wide Change)