aulastlog doesn't report logins
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
audit (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
aulastlog and aulast don't appear to be functioning correctly:
root@hunt:~# aulast
root@hunt:~# aulastlog
Username Port From Latest
root **Never logged in**
daemon **Never logged in**
bin **Never logged in**
sys **Never logged in**
sync **Never logged in**
games **Never logged in**
man **Never logged in**
lp **Never logged in**
mail **Never logged in**
news **Never logged in**
uucp **Never logged in**
proxy **Never logged in**
www-data **Never logged in**
backup **Never logged in**
list **Never logged in**
irc **Never logged in**
gnats **Never logged in**
nobody **Never logged in**
libuuid **Never logged in**
syslog **Never logged in**
messagebus **Never logged in**
colord **Never logged in**
lightdm **Never logged in**
whoopsie **Never logged in**
avahi-autoipd **Never logged in**
avahi **Never logged in**
usbmux **Never logged in**
kernoops **Never logged in**
pulse **Never logged in**
rtkit **Never logged in**
speech-dispatcher **Never logged in**
hplip **Never logged in**
saned **Never logged in**
sarnold **Never logged in**
sshd **Never logged in**
libvirt-qemu **Never logged in**
libvirt-dnsmasq **Never logged in**
sbuild **Never logged in**
lxc-dnsmasq **Never logged in**
dictd **Never logged in**
statd **Never logged in**
dnsmasq **Never logged in**
ntp **Never logged in**
pdns **Never logged in**
clickpkg **Never logged in**
usermetrics **Never logged in**
root@hunt:~#
I would expect at least my user account sarnold should have logged in -- it was how I got to sudo, after all.
There's no shortage of logging information, it just appears the logs for USER_LOGIN are missing:
root@hunt:~# ausearch -l | wc -l
262312
root@hunt:~# ausearch -l | grep USER_LOGIN | wc -l
0
root@hunt:~#
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: auditd 1:2.3.2-2ubuntu1
ProcVersionSign
Uname: Linux 3.13.0-24-generic x86_64
ApportVersion: 2.14.1-0ubuntu3
Architecture: amd64
Date: Tue May 13 23:48:21 2014
InstallationDate: Installed on 2012-10-18 (573 days ago)
InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64 (20120823.1)
ProcEnviron:
LANGUAGE=en_US
TERM=rxvt-unicode
PATH=(custom, no user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: audit
UpgradeStatus: Upgraded to trusty on 2014-04-12 (32 days ago)
mtime.conffile.
Hi,
This bug might actually be due to the fact that the entry point applications (login, xDM,...) are not calling pam_loginuid module in the PAM session stack.
I'm personally not using ubuntu anymore, so I cannot really verify this.
Cheers