Solved

restarting Lastlog and wtmp

Posted on 1997-12-19
4
660 Views
Last Modified: 2006-11-17
I have somehow corrupted my last login information so I can't find out who has been logging in and who is currently online.  How do I restart those logs so that they won't be corrupted anymore?
0
Comment
Question by:straznp
4 Comments
 
LVL 4

Expert Comment

by:jetx
ID: 1634869
goto /etc/rc.d and pico all the system file.. find Lastlog and wtmp then restart the file by doing ./file

jetx
0
 

Author Comment

by:straznp
ID: 1634870
I've tried that already, no luck.  So here is a detailed list of things that I have done.

Deleted /var/log/lastlog and /var/log/wtmp altogether.  Touched them again and started syslog.  No luck.  Removed /var/run/utmp and the other and restarted, still no luck.  Created a cron job to remove them and restart, still no luck.  I'm just not sure how these are still corrupted after I restart them.  I'm starting to think it would be a good time to start some source code analysis.
0
 
LVL 1

Accepted Solution

by:
ajaro earned 50 total points
ID: 1634871
First, try to check wheather wtmp&utm&lastlog files are correctly created. There should be:
  -rw-r--r-- 1 root root  0 <date> lastlog
  lrwxrwxrwx 1 root root 13 <date> utmp -> /var/run/utmp
  (-rw-r--r-- 1 root root  0 <date> utmp)
  -rw-r--r-- 1 root root  0 <date> wtmp

then check /etc/rc.d/rc.inet2 for line:
"${NET}/syslogd" and "${NET}/klogd"
uncomment them.
Reboot system.

If it still doesn't work that could possibly be syslogd version demaged. Check out wheather other loging activities are made propertly. (/etc/syslog.conf and /var/adm/* log files).

At last try recompiling kernel (check /usr/include/sys/utmp.h).



0
 

Expert Comment

by:grmbl
ID: 1634872
Before changing your rc.inet2 and compiling your kernel try this:

'echo > /var/run/utmp'

(or where ever your utmp is located)
and do:

'echo > /var/log/wtmp'

the tables are then reset.
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Guacamole cut and paste issue 3 73
php ssh2_scp_send 1 61
issue in getting eth0 IP in oracale virtual box Linux VM 4 54
How to enable sync between two yum repo? 1 32
Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
How many times have you wanted to quickly do the same thing to a list but found yourself typing it again and again? I first figured out a small time saver with the up arrow to recall the last command but that can only get you so far if you have a bi…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question