wtmp corrupted

Damian Benavent Pla · ‎02-26-2001

When my /var is full, I release disk space but /var/adm/wtmp files remains corrupted (/usr/bin/last command dumps a core).

I used wtmpfix but /usr/bin/last dumps on.

I move wtmp to wtmp.old and create a new wtmp to log new logins. But wtmp.old is still corrupted.

How to proceed to solve the wtmp corruption ?

Hakan Dedorson · ‎02-26-2001

Try moving it back from wtmp.old to wtmp (removing the version you created) and flush it with "cat /dev/null > /var/adm/wtmp"

federico_3 · ‎02-26-2001

to read wtmp file, that now seems to be corrupted ,do like this:

the following will convert it to ASCII file
#/usr/sbin/acct/fwtmp < /var/adm/wtmp > /tmp/file
then you can either edit the file or read it.

Then you can convert it back to binary form:
##/usr/sbin/acct/fwtmp -ic < /tmp/file > /var/adm/wtmp

Bye
federico

Bill Hassell · ‎02-26-2001

Just a note about wtmp. It can become corrupted if /var fills up or by programs that write to wtmp improperly. First, I would lookk at how your system is used and consider breaking up /var into several different mountpoints. Each mountpoint will be used by a different subsystem of HP-UX and by separating them, one subsystem will not affect another (for example, spooling problems no longer affect email or logging):

/var
/var/tmp
/var/mail
/var/spool
/var/adm
/var/adm/sw

If you do not use email heavily, then the /var/mail directory can be a part of /var. Similarly, if spooling os limited to a few printers and not used for PC shares (where spool files can become gigantic), spooling can also be part of /var. /var/adm/sw should always be made separate as it will grow quite large with patches and application updates.

Bill Hassell, sysadmin

Damian Benavent Pla · ‎02-26-2001

Hakan and Bill: My problem is how to recover that lost information.

Thank you Federico. I knew that procedure.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

wtmp corrupted

wtmp corrupted

Re: wtmp corrupted

Re: wtmp corrupted

Re: wtmp corrupted

Re: wtmp corrupted