Anyone got experience where wtmp logs get truncated everyday? Though sulog, failedlogin and lastlog seems to be fine.
The server uptime is 18 days running on AIX 5.3. Sorry this seems to be a generic questions but never really encountered before.
Anyone got experience where wtmp logs get truncated everyday? Though sulog, failedlogin and lastlog seems to be fine.
The server uptime is 18 days running on AIX 5.3. Sorry this seems to be a generic questions but never really encountered before.
Hi,
i don't know about a automatism, which clean the wtmp by default but there are some script (search in the forum or use google) which can do that.
Most of these scripts use the /usr/sbin/acct/fwtmp
comman. man fwtmp
I would have a look at the crontab for such script...
Regards
Hi.
You can check in /etc/logrotate.conf
There is the way to rotate wtmp log file.
Another possible cause could be skulker
. It could be configured to shorten the wtmp file, see the man page of skulker.
I hope this helps.
bakunin
Thanks. Found a 'cp -p dev/null /var/adm/wtmp' from crontab.
This solves the riddle. I'd like to comment, though, that this is a dangerous practice, because it changes the files inode-number. I suggest to change this to
cat /dev/null > /var/adm/wtmp
which will shorten the file too but leaves its metadata intact.
I hope this helps.
bakunin
cat serves no purpose in that construct. The file is truncated by the shell when it handles the redirection operation, before invoking cat. The following should do it:
> /var/adm/wtmp
Regards,
Alister