sudo + pam_lastlog causes user to appear logged out in logs.

[Tom McLaughlin]

Hi, this was originally reported on ports at . [1]  Someone noticed that
after after running sudo their session disappeared when running `w`
afterwards.  I've done a little experimenting and this is caused when
pam_lastlog.so is included in sudo's pam file.  This results in the user
still being logged in though according to the system logs the user has
logged out.  Here's an example:

[tom at releng-7-fbsd tom]$ w
12:50AM  up 6 days, 12:30, 2 users, load averages: 0.24, 0.31, 0.30
USER             TTY      FROM              LOGIN@  IDLE WHAT
tom              p0       bofh             12:50AM     - w

[tom at releng-7-fbsd tom]$ last
tom              ttyp0    bofh             Mon Jul 23 00:50   still logged in
...

[tom at releng-7-fbsd tom]$ sudo kill
...

[tom at releng-7-fbsd tom]$ w
12:53AM  up 6 days, 12:34, 1 user, load averages: 0.17, 0.22, 0.25
USER             TTY      FROM              LOGIN@  IDLE WHAT

[tom at releng-7-fbsd tom]$ last
root             ttyp0                     Mon Jul 23 00:53 - 00:53  (00:00)
tom              ttyp0    bofh             Mon Jul 23 00:50 - 00:53  (00:03)

I can confirm this on -CURRENT and -STABLE.  I tested on a CentOS 5.0
box and their pam_lastlog does not cause this with sudo so it appears to
be an issue specific to ours.  Can someone take a look into this?  Also,
is there any way sudo can work around this?  Right now I've commented
out the session line in the pam file that is installed by the port so
most users will not be affected.  Thanks.

[1] http://lists.freebsd.org/pipermail/freebsd-ports/2007-July/042746.html

tom
-- 
| tmclaugh at sdf.lonestar.org             tmclaugh at FreeBSD.org |
| FreeBSD                                   http://www.FreeBSD.org |