|
|
Sponsored Content
Operating Systems
Solaris
Locked out of server due to utmp growing out of control
Post 302793289 by gjackson123 on Friday 12th of April 2013 02:22:26 AM
04-12-2013
Locked out of server due to utmp growing out of control
Dear Solaris Experts,The file /var/adm/utmpx is steadily growing on our standbye Sun Sparc T5220 Solaris 10 server. I have tried everything such as the following steps without success:
Code:
root@rainbow # uname -a SunOS rainbow 5.10 Generic_141444-09 sun4v sparc SUNW,SPARC-Enterprise-T5220 root@rainbow # cd /var/adm root@rainbow # cp /dev/null utmpx # but size stays the same and growing root@rainbow # cp /dev/null wtmpx # file size briefly came back to zero # before recovering root@rainbow # ls -lt /var/adm | more -rw-r--r-- 1 root root 24180 Apr 12 15:23 wtmpx -rw-r--r-- 1 root root 364035476 Apr 12 15:23 utmpx root@rainbow # /cat /etc/default/utmp SCAN_PERIOD=300 root@rainbow # svcs utmp STATE STIME FMRI online 15:22:20 svc:/system/utmp:default root@rainbow # svcadm disable utmpd root@rainbow # svcs utmp STATE STIME FMRI disabled 15:59:44 svc:/system/utmp:default
it is rapidly collecting. In fact, I can no longer log back on to it with the
following message after successful login using a non-root user from a general
multi-user mode telnet session:
login: george
Password:
No utmpx entry. You must exec "login" from the lowest level "shell".
<Your 'TELNET' connection has terminated>
Fortunately, it was possible to get back into this server in single-user maintenance mode as root on the Console. The only way to re-instate multi-user mode access is by rebooting this server but still not reduce the amount of auditing / login which will eventually fill up /var.
The strange thing is that our production (equivalent hardware) accessed extensive with the same SCAN_PERIOD is not experiencing this issue. I am not sure whether the standbye rainbow server has been split up to multiple zones has anything to do with it. ie rainbow being the global zone.
Your assistance would be much appreciated.
Thanks in advance,
George
|
|
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
hiya all,
I have Fedora core 3 installed - as a server - onto an old PC.
Root u/n and psw lets me in
However, all the other accounts no longer worked.
They use to work until yesterday...
I now get the error at the login screen:
"AUTHENTICATIONFAILED"
I hope this is a common... (12 Replies)
Discussion started by: marty 600
12 Replies
2. Programming
the utmp.h ACCOUNTING macro is set to 9 on my system.
my question is: what "accounting" is it referring to? (2 Replies)
Discussion started by: thmnetwork
2 Replies
3. AIX
Hi All,
if someone know where I can set dimension of utmp log files like
wtmp
failedlogin
sulog in an AIX system.
These are called security logs and they can reach a max amount in day or MB, where can I steady their size ?
thanks in advance. (2 Replies)
Discussion started by: Carmen123
2 Replies
4. UNIX for Dummies Questions & Answers
Hi.
I am working on a small assignment where i need to extract the login information of currently logged in users in a Linux client-server environment.I am able to extract only the userID,IP/HOST name,TTY,device name,GID,PID and login time using the structure 'utmp'.Also when i am saving the... (2 Replies)
Discussion started by: maverixxx
2 Replies
5. Solaris
Hi
i was changing the entry in the /etc/passwd file for the root user.
i was changing the shell from sh to bash . I changed the file and rebooted
the server.Now it is saying that invalid shell. I think i have misspelt bash.
now the machine is set to boot in maultiuser mode so there is no... (5 Replies)
Discussion started by: asalman.qazi
5 Replies
6. Cybersecurity
Sigh...
I use denyhosts for security. Been great for months, but today my butterfingers have managed to lock myself out of the server.
The denyhosts FAQ lists ways to edit the files to erase your IP, but...I'm locked out, so how can I edit the files? (5 Replies)
Discussion started by: dheian
5 Replies
7. Red Hat
Hello Folks,
My RHEL 4.3 server got crashed due to hardware crash,system hard disk and motherboard replaced and RAID rebuilt done.
while rebooting the server the server is gone into single user mode due to /sda5 var partition not able to mount.
Error :- " wrong fs type, bad... (1 Reply)
Discussion started by: kmvinay
1 Replies
8. Emergency UNIX and Linux Support
Dear community,
my sql and apache server (with CMW installed) hangs due to /tmp full:
root@cms:~# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 224G 27G 186G 13% /
tmpfs 3.9G 0 3.9G 0% /lib/init/rw
udev 3.9G ... (7 Replies)
Discussion started by: Lord Spectre
7 Replies
9. Solaris
I am facing strange problem where after three failed login attempt user password must be locked. Actually what is happening, when I take the putty session of the server & enter user name on the prompt at the login prompt & then press enter to enter the password at this time when I checked the... (10 Replies)
Discussion started by: sb200
10 Replies
LEARN ABOUT LINUX
wtmpx
utmpx(4) File Formats utmpx(4) NAME
utmpx, wtmpx - utmpx and wtmpx database entry formats SYNOPSIS
#include <utmpx.h> /var/adm/utmpx /var/adm/wtmpx DESCRIPTION
The utmpx and wtmpx files are extended database files that have superseded the obsolete utmp and wtmp database files. The utmpx database contains user access and accounting information for commands such as who(1), write(1), and login(1). The wtmpx database contains the history of user access and accounting information for the utmpx database. USAGE
Applications should not access these databases directly, but should use the functions described on the getutxent(3C) manual page to inter- act with the utmpx and wtmpx databases to ensure that they are maintained consistently. FILES
/var/adm/utmpx user access and adminstration information /var/adm/wtmpx history of user access and adminstrative information SEE ALSO
getutxent(3C), wait(3C)wait.h(3HEAD) SunOS 5.10 22 Feb 1999 utmpx(4)