HPE Community
Operating System - HP-UX
1834136 Members
2235 Online
110064 Solutions
New Discussion

BTMP getprpw Mismatch

 
MSwift
Regular Advisor

‎10-26-2009 05:00 AM

‎10-26-2009 05:00 AM

BTMP getprpw Mismatch

I have a user who gets reported for failed login in getprpw (lockout=0001000), but the lastb -R does not report this failed login. lastb reports correctly when i try to do a failed login and for others too except this application ID. I have verified that the application is not running any cronjobs/etc which does a login. Any ideas!! system is 11.0 HP trusted.

Thanks

Mike
0 Kudos
Reply
3 REPLIES 3
Steven E. Protter
Exalted Contributor

‎10-26-2009 05:34 AM

‎10-26-2009 05:34 AM

Re: BTMP getprpw Mismatch

Shalom,

Many admins have a script that periodically cleans up the btmp file. Perhaps this is clearing the data on the bad logins.

Also, people doing stuff they should not like to clean up after themselves.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
BUPA IS
Respected Contributor

‎10-26-2009 06:13 AM

‎10-26-2009 06:13 AM

Re: BTMP getprpw Mismatch

Hello,
Because, as I understand it, trusted system is sort of built around normal login. I think it goes like this:
If the user id and/or password are wrong. Log it in btmp and throw them out.
If the user id and password are correct then a good login is recorded in wtmp. After you get past this trusted system checks for other stuff in its database like time of day and admin lockout. If any of these fail the user is logged off and an invalid attempt is recorded in the trusted system database. Once the failied login count is reached for any reason the lockout out is set .

Another possiblity is that there may be corrupt entries in the btmp and wtmp files You check them using the fwtmp utility.

Also run pwck -s (or just authck -p) to check the integrity of the trusted system database files

Mike

Help is out there always!!!!!
0 Kudos
Reply
MSwift
Regular Advisor

‎10-26-2009 06:51 AM

‎10-26-2009 06:51 AM

Re: BTMP getprpw Mismatch

authck is fine and there are no scripts which clears the btmp (as i mentioned if i or my co-worker ) do a bad login it reports.

Thanks

Mike
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.