Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1195
  • Last Modified:

Is there a way to disable lastlog ?

Hello !

We have a p570 system running AIX 5.3 and a telnet app. T
his system has an average off 2.000 users and 30.000 daily logins.
From time to time /etc/security/lastlog gets corrupted, and as result the login takes much longer than usual, sometimes several minutes.
I understand keeping track of all this users on a text file like lastlog is not an easy task for AIX. On the other hand, this system runs on a private network, and we have all login info in the app logs - so we don't really need AIX lastlog (we don't care about login attempts, too).

Is there a way to disable lastlog ? My guess is there isn't, as this would compromise AIX security - but I may be wrong. My other question would be: Is there a work around, like a login program replacement I could use to avoid this problem ? Any other suggestion ?

Thanks in advance,

Ronald
0
rsekkel
Asked:
rsekkel
1 Solution
 
woolmilkporcCommented:
Hi,

there is an unofficial and (of course undocumented) way - just remove or rename /etc/security/lastlog.
AIX will no longer write lastlog records.

But as I said - it's unofficial. Although I'm not aware of any issues resulting from the above - use at your own risk!

wmp


0
 
rsekkelAuthor Commented:
Hello Wmp,

After 3 days and more than 60.000 logins I'm quite happy with your amazingly simple solution !

Thank you very much.

Ronald
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now