Revision as of 13:00, 28 August 2024

Removal of the utmp login database from glibc

This is a proposed Change for Fedora Linux.
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.

Summary

Upstream glibc is going to remove support for the historic utmp login database. This will need adjustment to a few Fedora packages that use it.

Owner

Name: FlorianWeimer
Email: fweimer@redhat.com

Current status

Targeted release: Fedora Linux 42
Last updated: 2024-08-28
[Announced]
[<will be assigned by the Wrangler> Discussion thread]
FESCo issue: <will be assigned by the Wrangler>
Tracker bug: <will be assigned by the Wrangler>
Release notes tracker: <will be assigned by the Wrangler>

Detailed Description

The utmp/utmpx login database provides a list of login sessions that

The initial motivation to replace the utmp database was that it stored its time stamps in 32-bit values, even on 64-bit systems. This has since been worked around by a switch to unsigned time stamps, extending the possible lifetime of the file format well beyond the year 2038.
The file formats were designed to support systems with a fixed, small number of terminal lines. Today's systems either have only one concurrent user at the graphical console, or a potential unbounded number of pseudo-terminal sessions (or other kind of active services).
Some server components try to use client IP addresses as terminal line identifiers with the utmp database. This can easily lead to thousands and more entries, something that the file format cannot handle effectively.

Bug 24492: utmp/wtmp locking allows non-privileged user to deny service

Feedback

Benefit to Fedora

The bugs resulting from the use of the utmp database are fixed. Fedora does not need to maintain a downstream patch to reintroduce the problematic interfaces.

Scope

Proposal owners:

Other developers:

Release engineering: #Releng issue number

Policies and guidelines: N/A (not needed for this Change)

Trademark approval: N/A (not needed for this Change)

Alignment with the Fedora Strategy:

Upgrade/compatibility impact

Early Testing (Optional)

Do you require 'QA Blueprint' support? Y/N

How To Test

User Experience

Dependencies

Contingency Plan

Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
Contingency deadline: N/A (not a System Wide Change)
Blocks release? N/A (not a System Wide Change), Yes/No

Documentation

N/A (not a System Wide Change)

Release Notes

@@ Line 40: / Line 40: @@
 The utmp/utmpx login database provides a list of login sessions that
+* The initial motivation to replace the utmp database was that it stored its time stamps in 32-bit values, even on 64-bit systems. This has since been worked around by [https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/K66JCZWKOFF7AIMLTYJVQGO3RGZZ6IYQ/ a switch to unsigned time stamps], extending the possible lifetime of the file format well beyond the year 2038.
 * The file formats were designed to support systems with a fixed, small number of terminal lines. Today's systems either have only one concurrent user at the graphical console, or a potential unbounded number of pseudo-terminal sessions (or other kind of active services).
 * Some server components try to use client IP addresses as terminal line identifiers with the utmp database. This can easily lead to thousands and more entries, something that the file format cannot handle effectively.
@@ Line 47: / Line 48: @@
 * [https://sourceware.org/bugzilla/show_bug.cgi?id=24492 Bug 24492: utmp/wtmp locking allows non-privileged user to deny service]
 == Feedback ==

Search

Changes/UtmpDatabaseRemoval: Difference between revisions