Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

restarting Lastlog and wtmp

Posted on 1997-12-19
4
Medium Priority
?
832 Views
Last Modified: 2006-11-17
I have somehow corrupted my last login information so I can't find out who has been logging in and who is currently online.  How do I restart those logs so that they won't be corrupted anymore?
0
Comment
Question by:straznp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 4

Expert Comment

by:jetx
ID: 1634869
goto /etc/rc.d and pico all the system file.. find Lastlog and wtmp then restart the file by doing ./file

jetx
0
 

Author Comment

by:straznp
ID: 1634870
I've tried that already, no luck.  So here is a detailed list of things that I have done.

Deleted /var/log/lastlog and /var/log/wtmp altogether.  Touched them again and started syslog.  No luck.  Removed /var/run/utmp and the other and restarted, still no luck.  Created a cron job to remove them and restart, still no luck.  I'm just not sure how these are still corrupted after I restart them.  I'm starting to think it would be a good time to start some source code analysis.
0
 
LVL 1

Accepted Solution

by:
ajaro earned 100 total points
ID: 1634871
First, try to check wheather wtmp&utm&lastlog files are correctly created. There should be:
  -rw-r--r-- 1 root root  0 <date> lastlog
  lrwxrwxrwx 1 root root 13 <date> utmp -> /var/run/utmp
  (-rw-r--r-- 1 root root  0 <date> utmp)
  -rw-r--r-- 1 root root  0 <date> wtmp

then check /etc/rc.d/rc.inet2 for line:
"${NET}/syslogd" and "${NET}/klogd"
uncomment them.
Reboot system.

If it still doesn't work that could possibly be syslogd version demaged. Check out wheather other loging activities are made propertly. (/etc/syslog.conf and /var/adm/* log files).

At last try recompiling kernel (check /usr/include/sys/utmp.h).



0
 

Expert Comment

by:grmbl
ID: 1634872
Before changing your rc.inet2 and compiling your kernel try this:

'echo > /var/run/utmp'

(or where ever your utmp is located)
and do:

'echo > /var/log/wtmp'

the tables are then reset.
0

Featured Post

Enroll in October's Free Course of the Month

Do you work with and analyze data? Enroll in October's Course of the Month for 7+ hours of SQL training, allowing you to quickly and efficiently store or retrieve data. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How many times have you wanted to quickly do the same thing to a list but found yourself typing it again and again? I first figured out a small time saver with the up arrow to recall the last command but that can only get you so far if you have a bi…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month11 days, 13 hours left to enroll

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question