I've found that if I want to hide IP addresses from `last` and the like, the traditional recommendation is to symlink /var/log/utx.lastlogin to /dev/null. This works well, however, on these systems /dev/null will come up with 644 permissions instead of the usual 666. This tends to break all sorts of things. You certainly can chmod 666 /dev/null and get on your way, but I'd rather prevent it from happening in the first place.
I think that what happens is a service, maybe SSH, sees the /var/log/utx.lastlogin permissions as being too permissive, restricting them some, and proceeding. This unfortunately manifests at /dev/null due to the symlink.
This is kind of a niche case. I think there's a few avenues to change the behavior. There's a WITHOUT_UTMPX option in src.conf that might help. There's also some flags when building OpenSSHD. Not sure how to adjust those when doing a /usr/src make, though.
Curious to hear any thoughts on this. I wonder if Linux also is impacted by this?
I think that what happens is a service, maybe SSH, sees the /var/log/utx.lastlogin permissions as being too permissive, restricting them some, and proceeding. This unfortunately manifests at /dev/null due to the symlink.
This is kind of a niche case. I think there's a few avenues to change the behavior. There's a WITHOUT_UTMPX option in src.conf that might help. There's also some flags when building OpenSSHD. Not sure how to adjust those when doing a /usr/src make, though.
Curious to hear any thoughts on this. I wonder if Linux also is impacted by this?
