I'm having problems with accounting on a V5.1 system. The problem
fundamentally seems to involve a corrupted wtmp file.
Exact details and behaviour vary but, for example;
# /usr/sbin/acct/acctcon1 </var/adm/wtmp
bad wtmp: offset 1568.
bad record is: =t- 3905517474781593600 Wed Nov 26 17:04:48 2031 EST
The date (2031!) is clearly bogus. I started (several times) with a
fresh wtmp ("cat /dev/null > /var/adm/wtmp") and after a while
(generally a few minutes) the file was again corrupted.
Trying "/usr/sbin/acct/fwtmp < /var/adm/wtmp" results in poorly
formatted output with a bunch of Dec 31 1969 entries (and the above Nov
one).
Issuing "/usr/sbin/acct/wtmpfix /var/adm/wtmp" returns a string of
gibberish and English but does not change the timestamp on wtmp.
/usr/include/utmp.h has not been messed with since the installation.
Any suggestions/ideas?
Thanks,
Chris
cloken_at_cita.utoronto.ca
--
----------------------------------------------------
Chris Loken Phone: 416-978-5619
Computing Facility Manager Fax: 416-978-3921
Canadian Institute for Theoretical Astrophysics
Received on Fri Apr 20 2001 - 18:36:12 NZST