01-10-2011
Before you get your wish, make sure you will enjoy it! Maybe some process of a user in the file's current group is logging in it?
Which users are in the file's group?
Can you change the file's group to one with no members?
Sometimes, it is easier to add your own chmod to the end of the boot scripts, so the exposure is momentary and before users become active.
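
The checks the reply above asks about, as an added example that is not part of the original post: who is in the file's group (including users who have it as their primary group), whether the group bits grant any access, and which processes hold the file open. The function names are hypothetical, and the open-file check assumes fuser is installed.

```shell
#!/bin/sh
# Added example, not from the original thread. Function names are illustrative.

# group_members GROUP [GROUP_FILE] [PASSWD_FILE]
# Lists every user in GROUP: supplementary members from the group database
# plus users whose primary GID (passwd field 4) is that group. The second
# set never appears in the member list of /etc/group and is easy to miss.
group_members() {
    gm_file=${2:-/etc/group}
    gm_gid=$(awk -F: -v g="$1" '$1 == g { print $3; exit }' "$gm_file")
    [ -n "$gm_gid" ] || return 1
    {
        awk -F: -v g="$1" '$1 == g { n = split($4, m, ",")
            for (i = 1; i <= n; i++) if (m[i] != "") print m[i] }' "$gm_file"
        awk -F: -v id="$gm_gid" '$4 == id { print $1 }' "${3:-/etc/passwd}"
    } | sort -u
}

# group_bits FILE: the group permission triplet from ls -l, e.g. "rw-".
group_bits() {
    ls -ld -- "$1" | cut -c5-7
}

# audit_log FILE: report group access, group members, and current openers.
audit_log() {
    al_group=$(ls -ld -- "$1" | awk '{ print $4 }')
    al_bits=$(group_bits "$1")
    echo "$1: group=$al_group group-bits=$al_bits"
    if [ "$al_bits" = "---" ]; then
        echo "group has no access; membership does not matter"
    else
        echo "users who gain access through the group:"
        group_members "$al_group" | sed 's/^/  /'
    fi
    # Processes that currently hold the file open (needs fuser; run as root
    # to see other users' processes). A chmod does not affect descriptors
    # that are already open.
    if command -v fuser >/dev/null 2>&1; then
        fuser -u "$1" 2>&1 || echo "no process has $1 open"
    fi
}

if [ "$#" -gt 0 ]; then audit_log "$1"; fi
```

Run it as root with the log file as its only argument, for example /var/log/wtmp, before changing the group or mode.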
LAST,LASTB(1) Linux System Administrator's Manual LAST,LASTB(1)
NAME
last, lastb - show listing of last logged in users
SYNOPSIS
last [-R] [-num] [ -n num ] [-adFiowx] [ -f file ] [ -t YYYYMMDDHHMMSS ] [name...] [tty...]
lastb [-R] [-num] [ -n num ] [ -f file ] [-adFiowx] [name...] [tty...]
DESCRIPTION
Last searches back through the file /var/log/wtmp (or the file designated by the -f flag) and displays a list of all users logged in (and
out) since that file was created. Names of users and tty's can be given, in which case last will show only those entries matching the
arguments. Names of ttys can be abbreviated, thus last 0 is the same as last tty0.
When last catches a SIGINT signal (generated by the interrupt key, usually control-C) or a SIGQUIT signal (generated by the quit key, usually
control-\), last will show how far it has searched through the file; in the case of the SIGINT signal last will then terminate.
The pseudo user reboot logs in each time the system is rebooted. Thus last reboot will show a log of all reboots since the log file was
created.
Lastb is the same as last, except that by default it shows a log of the file /var/log/btmp, which contains all the bad login attempts.
OPTIONS
-f file
Tells last to use a specific file instead of /var/log/wtmp.
-num This is a count telling last how many lines to show.
-n num The same.
-t YYYYMMDDHHMMSS
Display the state of logins as of the specified time. This is useful, e.g., to determine easily who was logged in at a particular
time -- specify that time with -t and look for "still logged in".
-R Suppresses the display of the hostname field.
-a Display the hostname in the last column. Useful in combination with the next flag.
-d For non-local logins, Linux stores not only the host name of the remote host but its IP number as well. This option translates the
IP number back into a hostname.
-F Print full login and logout times and dates.
-i This option is like -d in that it displays the IP number of the remote host, but it displays the IP number in numbers-and-dots notation.
-o Read an old-type wtmp file (written by linux-libc5 applications).
-w Display full user and domain names in the output.
-x Display the system shutdown entries and run level changes.
NOTES
The files wtmp and btmp might not be found. The system only logs information in these files if they are present. This is a local configuration
issue. If you want the files to be used, they can be created with a simple touch(1) command (for example, touch /var/log/wtmp).
FILES
/var/log/wtmp
/var/log/btmp
AUTHOR
Miquel van Smoorenburg, miquels@cistron.nl
SEE ALSO
shutdown(8), login(1), init(8)
Jul 31, 2004 LAST,LASTB(1)