HPE Community
Operating System - HP-UX
1836415 Members
2493 Online
110100 Solutions
New Discussion

Re: Not able to kill the logins

 
SOLVED
Go to solution
sanalp
Occasional Contributor

‎05-21-2008 11:00 PM

‎05-21-2008 11:00 PM

Not able to kill the logins

i am facing a problem of not able to kill the users who have not logged out properly .they have logged in long days back and when i use the command who its showing users and PID but while killing its showing proces doesnt exists.if we reboot or change the security policy to allow more than three login it will work out.but i heard that if we edit wtmp then its possible could any one help me in this case.....
thanks in advance...
0 Kudos
Reply
4 REPLIES 4
Dennis Handly
Acclaimed Contributor

‎05-21-2008 11:11 PM

‎05-21-2008 11:11 PM

Solution

Re: Not able to kill the logins

>kill the users who have not logged out properly .they have logged in long days back and when i use the command who

These users aren't logged in, if utmps is corrupted, then who(1) will lie to you.

>heard that if we edit wtmp then its possible

You can just reset the file with "> /var/adm/wtmps".
If you want to save the date, you have to edit it after using fwtmp(1M).

Reply
Jeeshan
Honored Contributor

‎05-21-2008 11:30 PM

‎05-21-2008 11:30 PM

Re: Not able to kill the logins

Hi

You can see which users still login with PID using
#who -u

But it happens when a user logout unexpectedly or don't logout using exit command. then the user's login histry you see in who -a output.

you can alos verify if the user still in use try command

#ps -fu
a warrior never quits
0 Kudos
Reply
sanalp
Occasional Contributor

‎05-21-2008 11:33 PM

‎05-21-2008 11:33 PM

Re: Not able to kill the logins

could you explain...
since its binary file.....
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎05-22-2008 12:02 AM

‎05-22-2008 12:02 AM

Re: Not able to kill the logins

>could you explain, since it's binary file..

Look at fwtmp(1M). Basically:
# /usr/sbin/acct/fwtmp -X < /var/adm/wtmps > wtmps.txt
edit wtmps.txt
# /usr/sbin/acct/fwtmp -icX < wtmps.txt > /var/adm/wtmps
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.