Operating System - HP-UX
1839192 Members
4785 Online
110137 Solutions
New Discussion

Re: How important is wtmp

 
joe_91
Super Advisor

How important is wtmp

Hi Team:

We are running on 11.0 and have the xemulator (server) running on the Unix box with client running on the PC. When the Users log from the pc (thru xemulator) the login process updates the utmp file but not the wtmp file. Now the gurus, please let me know all the disadvantages that you can point out 'coz of this behavior. I had the following points...
1. Any script running on the Unix box which references the wtmp file would break.
2. Any script, which uses commands like last, would fail.
Please note that users from the pc do *not* have telnet session and are directly put inside an xmotif application after they login.
With these points please let me know what the disadvantages are of not updating the wtmp file.
Thanks
Joe
5 REPLIES 5
Pete Randall
Outstanding Contributor

Re: How important is wtmp

Joe,

From man wtmp:

File utmp contains a record of all users logged onto the system. File
btmp contains bad login entries for each invalid logon attempt. File
wtmp contains a record of all logins and logouts.

It sounds to me like all you would lose is the record of logouts - safe enough, I would think.

Pete

Pete
Helen French
Honored Contributor

Re: How important is wtmp

Some thoughts:

1) User account auditing will not be possible.
2) Trace a particular login/user not possible.
3) Incorrect information if you enable system accounting (man 1M acct).

Also see this document (TKB # KBRC00000070) for some more inputs:

http://support2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000054952185
Life is a promise, fulfill it!
Paula J Frazer-Campbell
Honored Contributor

Re: How important is wtmp

Hi Joe

As you know btmp and wtmp are used with telnet and as already said tracking of users that do not use telnet is difficult.

I have a over 14000 connection/day via x25 which does not use telnet, I watch their connectivity by using ps associated with who and look for processes which do not associate with a telnet login (who).

Failing to make entry in wtmp because of their connectivity is not a problem.


Paula
If you can spell SysAdmin then you is one - anon
MANOJ SRIVASTAVA
Honored Contributor

Re: How important is wtmp

Hi Joe


The importance also is realted to the importance of the system , I can think of the following scenarios :

1. Production system ( internal ) very critical
2. Prodcution system ( external access ) mandatory to be saved .
3.Dev system Not very critcal .

You may look at these .

http://www.ebone.at/books/programmers/sonstiges/oreillybookself/tcpip/puis/appb_01.htm


Manoj Srivastava
joe_91
Super Advisor

Re: How important is wtmp

Hi Manoj:

Thanks. The machine i am talking about is a production system.

Thanks
Joe.