Urgent problem with wtmpx

# 22  
Old 04-10-2003

Thanks Nero,

It worked out OK. The wtmpx is still growing but not so fast. Do you have any suggestions on what else I can take out?


Quote:
s0:0:wait:/sbin/rc0 >/dev/msglog 2<>/dev/msglog </dev/console
s1:1:respawn:/sbin/rc1 >/dev/msglog 2<>/dev/msglog </dev/console
s2:23:wait:/sbin/rc2 >/dev/msglog 2<>/dev/msglog </dev/console
s3:3:wait:/sbin/rc3 >/dev/msglog 2<>/dev/msglog </dev/console
s5:5:wait:/sbin/rc5 >/dev/msglog 2<>/dev/msglog </dev/console
s6:6:wait:/sbin/rc6 >/dev/msglog 2<>/dev/msglog </dev/console
Could you tell me what this "respawn" with the console or "wait" with the console is? I was thinking of trying on the weekend, when the system is not productive, to make changes in the inittab without hurting anything. Thanks

Peter
# 23  
Old 04-10-2003
The definitions of respawn and wait are in the inittab manpage.

I would suggest that you might have a problem with this line:

Code:
s1:1:respawn:/sbin/rc1 >/dev/msglog 2<>/dev/msglog </dev/console

How many entries are in the file /sbin/rc1 ? Is it small enough to post?
# 24  
Old 04-10-2003
That line looks odd, but it is Sun's standard for rc1. Note that line only applies to run level 1. The last three lines of rc1:
Code:
/sbin/sulogin
deflevel=`/usr/bin/awk -F: '$3=="initdefault"{print $2}' /etc/inittab`
/sbin/init ${deflevel:-s}

So that respawn is in case a user set the default run level to a 1. If that is the case and the user exits out of the shell spawned by sulogin, rc1 will execute again and the user can log back in.

In most cases the default level will be 2 or 3.
# 25  
Old 04-11-2003

WOW, this is something, two of the best unix freaks helping me out.

So back to my inittab. I found out that the only addition in my inittab was the "faxmon" from the fax software. And that problem is solved. The wtmpx is copied every night at 12pm and then set to null. But I know that does not solve the problem. Before, in my old Digital Unix, I only saved wtmpx once a week, not every day like now.

My inittab now is the original from the installation of Solaris and nobody added anything. Here is my /sbin/rc1:

Thanks again

Code:
fra006:/etc# cat rc1
#!/sbin/sh
#
# Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T.
# All rights reserved.
#
# THIS IS UNPUBLISHED PROPRIETARY SOURCE CODE OF AT&T
# The copyright notice above does not evidence any
# actual or intended publication of such source code.
#
# Copyright (c) 1997-1998 by Sun Microsystems, Inc.
# All rights reserved.
#
#ident  "@(#)rc1.sh     1.13    98/09/10 SMI"

# "Run Commands" executed when the system is changing to init state 1

PATH=/usr/sbin:/usr/bin

# Export boot parameters to rc scripts

set -- `/usr/bin/who -r`

_INIT_RUN_LEVEL="$7"    # Current run-level
_INIT_RUN_NPREV="$8"    # Number of times previously at current run-level
_INIT_PREV_LEVEL="$9"   # Previous run-level

set -- `/usr/bin/uname -a`

_INIT_UTS_SYSNAME="$1"  # Operating system name (uname -s)
_INIT_UTS_NODENAME="$2" # Node name (uname -n)
_INIT_UTS_RELEASE="$3"  # Operating system release (uname -r)
_INIT_UTS_VERSION="$4"  # Operating system version (uname -v)
_INIT_UTS_MACHINE="$5"  # Machine class (uname -m)
_INIT_UTS_ISA="$6"      # Instruction set architecture (uname -p)
_INIT_UTS_PLATFORM="$7" # Platform string (uname -i)

export _INIT_RUN_LEVEL _INIT_RUN_NPREV _INIT_PREV_LEVEL \
    _INIT_UTS_SYSNAME _INIT_UTS_NODENAME _INIT_UTS_RELEASE _INIT_UTS_VERSION \
    _INIT_UTS_MACHINE _INIT_UTS_ISA _INIT_UTS_PLATFORM

#
#       umount_fsys     umountall-args
#
#       Calls umountall with the specified arguments and reports progress
#       as file systems are unmounted if umountall -k is invoked.
#
umount_fsys ()
{
        /sbin/umountall "$@" 2>&1 | while read fs; do \
                shift $#; set -- $fs
                if [ "x$1" = xumount: ]; then
                        echo "$*"       # Most likely an error message
                else
                        echo "$1 \c" | /usr/bin/tr -d :
                fi
        done
        echo "done."
}

if [ $_INIT_PREV_LEVEL = S ]; then
        echo 'The system is coming up for administration.  Please wait.'

elif [ $_INIT_RUN_LEVEL = 1 ]; then
        echo 'Changing to state 1.'
        >/etc/nologin

        echo "Unmounting remote filesystems: \c"
        umount_fsys -r -k -s

        if [ -d /etc/rc1.d ]; then
                for f in /etc/rc1.d/K*; do
                        if [ -s $f ]; then
                                case $f in
                                        *.sh)   .        $f ;;
                                        *)      /sbin/sh $f stop ;;
                                esac
                        fi
                done
        fi

        echo "Killing user processes: \c"
        #
        # Look for ttymon, in.telnetd, in.rlogind and processes
        # in their process groups so they can be terminated.
        #
        /usr/sbin/killall
        /usr/sbin/killall 9
        /usr/bin/pkill -TERM -v -u 0,1; sleep 5
        /usr/bin/pkill -KILL -v -u 0,1
        echo "done."

fi

if [ -d /etc/rc1.d ]; then
        for f in /etc/rc1.d/S*; do
                if [ -s $f ]; then
                        case $f in
                                *.sh)   .        $f ;;
                                *)      /sbin/sh $f start ;;
                        esac
                fi
        done
fi

if [ $_INIT_RUN_LEVEL = 1 ]; then
        if [ $_INIT_PREV_LEVEL = S ]; then
                echo 'The system is ready for administration.'
        else
                echo 'Change to state 1 has been completed.'
        fi
fi

# sulogin and its children need a controlling tty
# to make exiting graceful.

exec <> /dev/console 2<> /dev/console
trap "" 15

# Allow the administrator to log in as root on the console.  If sulogin
# is aborted with ctrl-D, or if the administrator exits the root shell,
# then return to the default run-level.

/sbin/sulogin
deflevel=`/usr/bin/awk -F: '$3=="initdefault"{print $2}' /etc/inittab`
/sbin/init ${deflevel:-s}

# 26  
Old 04-11-2003
Try printing out wtmpx to see what the problem is. You seem to be on Solaris 8 with accounting installed, so I would try:

/usr/lib/acct/fwtmp < /var/adm/wtmpx
# 27  
Old 04-11-2003
As you see, my machine is attached to a unix cluster. The "cduser" is the user that sends data into the cluster. I now know what shell is doing it. It's the "DWZ_call.sh" which was shown in my crontab. How stupid of me. But the problem is in this shell or on the cluster side where it is putting data in my system. Thanks for the tip on displaying the wtmpx. It's better than the "acctcom" command. I'll keep you posted on what I find out.

Code:
cduser   ftp˙ ftp19375         19375  7 0000 0000 1050006094 Thu Apr 10 22:21:34 2003
         ftp˙ ftp19375         19375  7 0000 0000 1050006094 Thu Apr 10 22:21:34 2003
cduser   ftp˙ ftp21338         21338  7 0000 0000 1050006798 Thu Apr 10 22:33:18 2003
         ftp˙ ftp21338         21338  7 0000 0000 1050006798 Thu Apr 10 22:33:18 2003
cduser   ftp˙ ftp29090         29090  7 0000 0000 1050006995 Thu Apr 10 22:36:35 2003
         ftp˙ ftp29090         29090  7 0000 0000 1050006995 Thu Apr 10 22:36:35 2003
cduser   ftp˙ ftp29470         29470  7 0000 0000 1050007020 Thu Apr 10 22:37:00 2003
         ftp˙ ftp29470         29470  7 0000 0000 1050007020 Thu Apr 10 22:37:00 2003
cduser   ftp˙ ftp15426         15426  7 0000 0000 1050007338 Thu Apr 10 22:42:18 2003
         ftp˙ ftp15426         15426  7 0000 0000 1050007338 Thu Apr 10 22:42:18 2003
cduser   ftp˙ ftp4924           4924  7 0000 0000 1050009159 Thu Apr 10 23:12:39 2003
         ftp˙ ftp4924           4924  7 0000 0000 1050009159 Thu Apr 10 23:12:39 2003
cduser   ftp˙ ftp18262         18262  7 0000 0000 1050009437 Thu Apr 10 23:17:17 2003
         ftp˙ ftp18262         18262  7 0000 0000 1050009437 Thu Apr 10 23:17:17 2003
cduser   ftp˙ ftp14616         14616  7 0000 0000 1050011407 Thu Apr 10 23:50:07 2003
         ftp˙ ftp14616         14616  7 0000 0000 1050011407 Thu Apr 10 23:50:07 2003
cduser   ftp˙ ftp11497         11497  7 0000 0000 1050016782 Fri Apr 11 01:19:42 2003
         ftp˙ ftp11497         11497  7 0000 0000 1050016783 Fri Apr 11 01:19:43 2003
ftp      ftp˙ ftp4600           4600  7 0000 0000 1050039018 Fri Apr 11 07:30:18 2003
ftp      ftp˙ ftp27580         27580  7 0000 0000 1050040217 Fri Apr 11 07:50:17 2003
root     ftp˙ ftp19869         19869  7 0000 0000 1050042078 Fri Apr 11 08:21:18 2003
root     ftp˙ ftp19872         19872  7 0000 0000 1050042078 Fri Apr 11 08:21:18 2003
         ftp˙ ftp19869         19869  7 0000 0000 1050042084 Fri Apr 11 08:21:24 2003
         ftp˙ ftp19872         19872  7 0000 0000 1050042084 Fri Apr 11 08:21:24 2003
root     ftp˙ ftp19876         19876  7 0000 0000 1050042089 Fri Apr 11 08:21:29 2003
root     ftp˙ ftp19880         19880  7 0000 0000 1050042090 Fri Apr 11 08:21:30 2003
.rlogin  r200 /dev/pts/1       28167  6 0000 0000 1050042274 Fri Apr 11 08:24:34 2003
steppkej r200 pts/1            28167  7 0000 0000 1050042274 Fri Apr 11 08:24:34 2003
.rlogin  r300 /dev/pts/2       28246  6 0000 0000 1050042286 Fri Apr 11 08:24:46 2003
steppkej r300 pts/2            28246  7 0000 0000 1050042286 Fri Apr 11 08:24:46 2003
.rlogin  r400 /dev/pts/15      12148  6 0000 0000 1050043930 Fri Apr 11 08:52:10 2003
steppkej r400 pts/15           12148  7 0000 0000 1050043930 Fri Apr 11 08:52:10 2003
steppkej r400 pts/15           12148  8 0000 0000 1050043963 Fri Apr 11 08:52:43 2003
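
As an added example (not part of the original posts): a small filter that tallies the text output of the fwtmp command from post #26 by user, line and record type, so the source writing the most wtmpx records stands out. The function names and sample records are constructed here; the record-type names are the ut_type values from `<utmpx.h>`, and a POSIX awk is assumed (nawk or /usr/xpg4/bin/awk on Solaris).

```shell
#!/bin/sh
# Added example: tally `fwtmp` text output to see what is filling wtmpx.
# Real use (fwtmp command as given in the thread):
#   /usr/lib/acct/fwtmp < /var/adm/wtmpx | wtmpx_summary
AWK=${AWK:-awk}    # assumption: a POSIX awk; on Solaris set AWK=nawk

wtmpx_summary() {
    "$AWK" '
    BEGIN {
        # ut_type values from <utmpx.h>
        name[5] = "INIT_PROCESS"; name[6] = "LOGIN_PROCESS"
        name[7] = "USER_PROCESS"; name[8] = "DEAD_PROCESS"
    }
    NF >= 11 {
        # Count from the right: 5 date fields, epoch, 2 exit fields,
        # type, pid, line. The user column may be blank, so counting
        # from the left would shift every field.
        type = $(NF - 8); line = $(NF - 10)
        user = ($0 ~ /^[ \t]/) ? "-" : $1
        sub(/[0-9]+$/, "", line)      # ftp19375 -> ftp, pts/15 -> pts/
        t = (type in name) ? name[type] : "type" type
        count[user " " line " " t]++
    }
    END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Constructed sample in the column layout of the fwtmp output above.
sample_fwtmp() {
    cat <<'EOF'
cduser   ftp  ftp19375         19375  7 0000 0000 1050006094 Thu Apr 10 22:21:34 2003
         ftp  ftp19375         19375  7 0000 0000 1050006094 Thu Apr 10 22:21:34 2003
cduser   ftp  ftp21338         21338  7 0000 0000 1050006798 Thu Apr 10 22:33:18 2003
         ftp  ftp21338         21338  7 0000 0000 1050006798 Thu Apr 10 22:33:18 2003
.rlogin  r200 /dev/pts/1       28167  6 0000 0000 1050042274 Fri Apr 11 08:24:34 2003
steppkej r200 pts/1            28167  7 0000 0000 1050042274 Fri Apr 11 08:24:34 2003
steppkej r200 pts/1            28167  8 0000 0000 1050042963 Fri Apr 11 09:02:43 2003
EOF
}

sample_fwtmp | wtmpx_summary
```

Each output row is "count user line type"; a user of "-" marks records whose user column is empty, and a line field containing spaces is reduced to its last word.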
