Re: WTMP file

From: Sergio Luiz Novaes (algol@LCC.UFMG.BR)
Date: Thu Apr 03 2003 - 12:24:18 EST

• Next message: Bill Verzal: "Re: WTMP file"
• Previous message: Hambleton, John S.: "Re: WTMP file"
• Maybe in reply to: Hass, Harold: "WTMP file"
• Next in thread: Bill Verzal: "Re: WTMP file"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

If you need at least a short history on last, take care with account
scripts. On 4.3.3, AIX accounting scripts were changed and daily create the
account and clean all wtmp entrances (with nulladm).
About your questions:
1- Do I need the history contained in the wtmp file or can I create an
empty file (nulladm wtmp) without major issues?
Is history on wtmp important for you? You need answer, but if not you can
clean with nulladm or as John has told us.
2- If I have to edit the ascii version of the file, what do I edit out or
leave in?
The ascii file will got several entrances with date. Just choose an old
date and clean everything older, after just recreate your binary wtmp
file.with fwtmp comand.
3- Any known gotchas?
take care with account scripts as a said above. On our installation we
modified some scripts to save a complete/partial wtmp copy, on ascii and
binary versions.

      Regards,

Sergio Luiz Novaes
LCC/UFMG - CENAPAD-MG/CO
Tel: +55 31 3499 5391/4936
Fax: +55 31 3499 5390

                      John Jolet
                      <john.jolet@FXFN. To: aix-l@Princeton.EDU
                      COM> cc:
                      Sent by: IBM AIX Subject: Re: WTMP file
                      Discussion List
                      <aix-l@Princeton.
                      EDU>

                      03/04/2003 13:52
                      Please respond to
                      IBM AIX
                      Discussion List

do you have the accounting filesets loaded? if so, there's a nifty thing
called tidysys that you can get from the bull archive that'll clean that
up,
along with other things. Frankly, you only need it if you need to know who
logged in when historically. it's read by the "last" command and not a
whole lot else. Another way to control it is to turn on accounting (ibm
docs are pretty clear about this), which also gives you some interesting
information to look at in terms of who's running what command and such.
Also, if I remember correctly, you could just cat /dev/null over it (i
think).

-----Original Message-----
From: Hass, Harold [mailto:hhass@FRESNO.CA.GOV]
Sent: Thursday, April 03, 2003 10:40 AM
To: aix-l@Princeton.EDU
Subject: WTMP file

A little help please,

I have a production system where the /var/adm/wtmp file has grown huge,
about 264M, and is filling up /var. I've read the online docs about using
fwtmp to make an ascii file, editing it, and converting it back. Also read
about wftpfix command and nulladm. Being somewhat cowardly about trying
new
stuff on production system, I'd like some advice.

What would be a reasonable course to take? Do I need the history contained
in the wtmp file or can I create an empty file (nulladm wtmp) without major
issues? If I have to edit the ascii version of the file, what do I edit
out
or leave in? Any known gotchas?

I know the questions are pretty broad, but I would appreciate any guidance.

TIA
 Harold

• Next message: Bill Verzal: "Re: WTMP file"
• Previous message: Hambleton, John S.: "Re: WTMP file"
• Maybe in reply to: Hass, Harold: "WTMP file"
• Next in thread: Bill Verzal: "Re: WTMP file"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:16:43 EDT