Hi Gurus,
We had a problem with sshd compiled under DU 4.0a not working properly
under Tru64 5.0a + C2 after upgrading:
> Sorry if this is a FAQ. After upgrading to Tru64 5.0a + enhanced
> security, command "w" does not show all logged users correctly.
> Also, "last" shows a bunch of lines like
>
> username ^G Wed Dec 31 21:00 still logged in
>
> as if those users were still logged in since 9 pm of Dec 31. Is this
> a new security feature or what?
We submitted the problem to this list and got suggestions to recompile
ssh under Tru64 5.0a and remove /etc/wtmp and /etc/utmp, creating new wtmp
and utmp with "touch", since they should be corrupted. I have done so and
further I removed also, maybe inadvertedly, /usr/var/tcb/files/dblogs/log.00006
in order to save some disk space (while a newer /usr/var/tcb/files/dblogs/log.00007
was left intact). After rebooting, nobody can login by console, where we
get the message
"cannot obtain information database information on this terminal"
The only possible access mode is by ssh1 from other machines (I can do
it as root). If we try to access by telnet (which I have reactivated) we get
login: log_get: /var/tcb/files/dblogs/log.00006: No such file or directory
Another symptom is that there are several /usr/sbin/cron processes running,
loading the cpu.
There is a line in /var/spool/cron/crontabs/root which states to remove
db logs periodically:
# Start of entries to purge enhanced profile db logs
0 2 * * 0 /usr/tcb/bin/db_checkpoint -1 -h /var/tcb/files && /usr/tcb/bin/db_archive -a -h /var/tcb/files | /usr/bin/xargs /usr/bin/rm -f
# End of entries to purge enhanced profile db logs
I do not know if this has something to do with our troubles. How to get out of this mess?
Thanks in advance,
Oyanarte Portilho
Institute of Physics
University of Brasilia, Brazil
Received on Tue Oct 17 2000 - 19:48:33 NZDT