Nikola Milutinovic wrote:
> Most people sugested that they saw that and that the only permanent cure was to
> clear out wtmp.
>
> # cd /var/adm
> # cp wtmp wtmp.1
> # cat /dev/null > wtmp (or echo "\c" > wtmp)
I have attached a small shell script "trim_wtmp" that we have been using
to keep the wtmp files roughly at a fixed length, i.e. it will always
have at least the last N entries, but not much more.
It is typically invoked from a cron job once per day or so:
0 1 * * * /etc/trim_wtmp -k 10000
Cheers,
Maarten
#!/bin/sh
# _at_(#)$Id: trim_wtmp 1.3 99/07/14 litmaath_at_fnal.gov $
PATH=/bin:$PATH
export PATH
usage()
{
echo "Usage: $0 [-k entries]" >&2
exit 1
}
min_entries=3000
entries=$min_entries
case `uname` in
OSF1)
record_wtmp=156 # nr. of bytes for 1 wtmp record
record_wtmpx=164 # nr. of bytes for 1 wtmpx record
;;
*)
record_wtmp=36 # nr. of bytes for 1 wtmp record
record_wtmpx=372 # nr. of bytes for 1 wtmpx record
esac
while test $# != 0
do
case $1 in
-k)
shift
entries=$1
;;
*)
echo "$0: illegal argument: $1" >&2
usage
esac
test $# != 0 && shift
done
test "x$entries" = x && usage
expr "0$entries" : '.*[^0-9]' > /dev/null && usage
if test $entries -lt $min_entries
then
echo "$0: number of entries raised from $entries to $min_entries" >&2
entries=$min_entries
fi
cd /var/adm
umask 002
for i in wtmp wtmpx
do
test -f $i || continue
eval record=\$record_$i
size=`expr $entries '*' $record`
set `wc -c < $i`
test $1 -gt $size || continue
skip=`expr '(' $1 - $size ')' / $record`
dd ibs=$record skip=$skip if=$i of=$i.tmp 2>&1 |
egrep -v '^[0-9]+\+[01] records (in|out)$' || mv $i.tmp $i
chown adm $i
chgrp adm $i
done
Received on Thu Apr 12 2001 - 18:57:28 NZST