how to delete entry in file "wtmpx"(/var/adm/wtmpx)


 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users how to delete entry in file "wtmpx"(/var/adm/wtmpx)
# 1  
Old 03-03-2006
how to delete entry in file "wtmpx"(/var/adm/wtmpx)

Do someone know how to delete entry(some lines)
in file "wtmpx" that command "last" use it.

this file is binary so I cannot edit directy.

=========================
#last
root pts/1 noc Fri Mar 3 22:04 still logged in
root pts/1 noc Fri Mar 3 22:01 - 22:02 (00:00)
root pts/1 noc Fri Mar 3 21:50 - 21:51 (00:00)
root pts/1 noc Fri Mar 3 21:46 - 21:46 (00:00)
root console Fri Mar 3 20:20 still logged in
few pts/2 narisara Fri Mar 3 18:43 - 18:43 (00:00)
=========================

I want to delete entry of user "few" from command "last".
# 2  
Old 03-04-2006
the only reason i can think of why you would want to do something like that involves hackers and erasing footsteps ... if you really want to edit the entries in that file --- you have to edit it with your own custom C/C++ program ...

or ...

you can delete all entries in 1 shot --- legally and routinely done by SAs trying to make space on a full "/" partition --- in ksh and as root, run '> /var/adm/wtmpx' ...
# 3  
Old 03-05-2006
if you have appropriate permission to edit the /var/adm/wtmpx file
then use the utmpx structure and with getutxent function
read the file and modify to eliminate the entries from the file

get the utmpx structure from utmpx.h
# 4  
Old 03-07-2006
new question

Thank you for both infomations ,and I'm not hacker .

new question is : If I can get entry from this file ,how to put new entry
to it ?
# 5  
Old 03-08-2006
adding entry to the file /var/adm/wtmpx

i havent tried this myself but it should work

populate the utmpx structure
and write to the file as structure

that would do !!!
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Getting information from the wtmpx file

Hi, I tried running the command "last" in the server to check the users that were last logged into the system. However, I get this error : root@csidblog:# last /var/adm/wtmpx: Value too large for defined data type How do I proceed to get this info? I read some forums suggesting to use... (2 Replies)
Discussion started by: anaigini45
2 Replies

2. Solaris

Drive is showing offline in the /var/adm/messages and shows "drive type unknown" in the format outpu

Hi, I am facing issue with one of the drive is solaris 10. it is showing offline in the messages file scsi: WARNING: /pci@2,600000/QLGC,qlc@0/fp@0,0/ssd@w5006016746e00b1b,0 (ssd0): drive offline genunix: WARNING: Page83 data not standards compliant DGC LUNZ 0430 ... (1 Reply)
Discussion started by: Prasanth T K
1 Replies

3. UNIX for Advanced & Expert Users

Not logging ftp connections in /var/adm/wtmpx file (in last command output)

Hi all, I have F5 load balancer on my system and checking service status by opening an ftp session in every 30 seconds. These ftp sessions are being logged in /var/adm/wtmpx and filling up the file. when i run the last command most of the output is this ftp session. I was wondering if there is a... (1 Reply)
Discussion started by: cepxat
1 Replies

4. Solaris

Repeated error - "se_hdlc: clone device must be attached before use" in /var/adm/messages

Below is the error being repeated on my Solaris 9 Sun-Fire-V890 machine. SAN team confirmed as everything is fine from their end. I did google and found that some people say its a known Oracle bug when you have Oracle 10G installed on your system but I kind of disagree with them. Please see below... (2 Replies)
Discussion started by: vikkash
2 Replies

5. Solaris

wtmpx file

What could possibly happen if wtmpx file got deleted by mistake? Thanks, (8 Replies)
Discussion started by: Pouchie1
8 Replies

6. UNIX for Advanced & Expert Users

separate "named daemon" message from /var/adm/messages

Hello group, How can I separate "named daemon" messages to the other file instead of /var/adm/messages. I still want all other daemons log the messages to /var/adm/messages. i.e. named => /var/adm/named.message other daemons => /var/adm/messages. I searched unix.com, and google but I still... (5 Replies)
Discussion started by: dannytrinh
5 Replies

7. UNIX for Advanced & Expert Users

wtmpx file is not updating

Hi in my solaris 9 system wmptx file is not updating so it is not recording any login or logout or any other entry. can any one tell me how to solve this problem (0 Replies)
Discussion started by: aaysa123
0 Replies

8. Solaris

wtmpx file is too big

Hi, I am using Sun Solaris 5.9 OS. I have found a file called wtmpx having a size of 5.0 GB. I want to clear this file using :>/var/adm/wtmpx. My query is, would it cause any problem to the running live system. Could anyone suggest the best method to clear the file without causing problem to... (6 Replies)
Discussion started by: Vijayakumarpc
6 Replies

9. UNIX for Dummies Questions & Answers

wtmpx file

Hello everybody: the wtmpx file on my Sol8 machine, got so big (2GB), that my root partition is almost full now, can I empty that file, I read about it that it contains database of user access and auditing, so in case I emptied it will it affect my system?? Thanks alot (3 Replies)
Discussion started by: aladdin
3 Replies

10. UNIX for Dummies Questions & Answers

No utpmx entry: you must exec "login" from lowest level "shell"

Hi I have installed solaris 10 on an intel machine. Logged in as root. In CDE, i open terminal session, type login alex (normal user account) and password and i get this message No utpmx entry: you must exec "login" from lowest level "shell" :confused: What i want is: open various... (0 Replies)
Discussion started by: peterpan
0 Replies
Login or Register to Ask a Question