HPE Community
Operating System - HP-UX
1820291 Members
3394 Online
109622 Solutions
New Discussion юеВ

system not logging to btmp

 
SOLVED
Go to solution
Jeff Oliver
New Member

тАО01-25-2002 08:46 AM

тАО01-25-2002 08:46 AM

system not logging to btmp

Hi,

My HPUX 11 system is not logging to /var/adm/btmp, but /var/adm/wtmp is working fine. Both are in /etc, as other threads have described. Is there a system or inetd service that needs to be running for btmp to work? What would cause it to not work (other than that I'm an idiot)?

Regards,

Jeff
Sometimes you're the windshield, sometimes you're the bug.
0 Kudos
Reply
8 REPLIES 8
Vladislav Demidov
Honored Contributor

тАО01-25-2002 08:54 AM

тАО01-25-2002 08:54 AM

Re: system not logging to btmp

Hello Jeff,
You have to create /var/adm/btmp by youself.
run touch /var/adm/btmp
0 Kudos
Reply
Sanjay_6
Honored Contributor

тАО01-25-2002 08:55 AM

тАО01-25-2002 08:55 AM

Re: system not logging to btmp

Hi Jeff,

The file /etc/btmp should be lined to /var/adm/btmp.

cd /etc
ll btmp
btmp --> /var/adm/btmp

The file permission on /etc/btmp are lrwxrwxrwt and the permission on /var/adm/btmp are -rw-------

Hope this helps.

Regds
0 Kudos
Reply
Jeff Oliver
New Member

тАО01-25-2002 09:08 AM

тАО01-25-2002 09:08 AM

Re: system not logging to btmp

Hi,

All of this is set up as everyone has instructed. /var/adm/btmp exists and /etc/btmp is linked to it. Similarly /var/adm/wtmp exists and /etc/wtmp is linked to it. wtmp is logging information, but btmp is not.

Any ideas?

Regards,

Jeff
Sometimes you're the windshield, sometimes you're the bug.
0 Kudos
Reply
Sanjay_6
Honored Contributor

тАО01-25-2002 09:35 AM

тАО01-25-2002 09:35 AM

Re: system not logging to btmp

Hi Jeff,

suggest you remove the existing /var/adm/btmp file and create a new file with 0 bytes and see if it starts logging. There is no configuration variable for this purpose.

cat /dev/null >/var/adm/btmp

Hope this helps.

Regds
0 Kudos
Reply
Jeff Oliver
New Member

тАО01-25-2002 10:03 AM

тАО01-25-2002 10:03 AM

Re: system not logging to btmp

Sanjay,

Well, now it gets interesting. I recreated the file as you said, and it still didn't seem to work. BUT, it does work...my testing method just wasn't valid.

You see, I have disabled telnet and only allow shell access via ssh. Ssh for some reason either doesn't use "login", or I have some parameter in sshd mis-configure. Because when I try to ssh to the server with a bogus account, nothing gets logged to btmp, but when I just execute "login" from the command prompt and type bogus info, information is sent to btmp.

Sooooo, I guess my question changes to why isn't ssh routing invalid logins to btmp? Should I ask this in a different thread? Do you have any ideas?

Jeff
Sometimes you're the windshield, sometimes you're the bug.
0 Kudos
Reply
Sanjay_6
Honored Contributor

тАО01-25-2002 10:07 AM

тАО01-25-2002 10:07 AM

Solution

Re: system not logging to btmp

Hi Jeff,

I can't say you should this question in another thread. You can leave the question over here and wait for the responses if you can. If you don't get some good answers post it as a seperate thread. Don't allot 8 or more points to anyone till you get the results in this thread.

Regds
Reply
Sanjay_6
Honored Contributor

тАО01-25-2002 10:30 AM

тАО01-25-2002 10:30 AM

Re: system not logging to btmp

Hi Jeff,

See if there is a file called /var/log/secure and if it is logging the bad login attempts using ssh.

Hope this helps.

Regds
0 Kudos
Reply
Jeff Oliver
New Member

тАО01-25-2002 10:32 AM

тАО01-25-2002 10:32 AM

Re: system not logging to btmp

Sanjay,

It turns out that, at least on the version of sshd I'm running, use of btmp is not supported. From the installation notes:

----
Mechanisms for updating wtmp, utmp, lastlog, and similar mechanisms
are not standardized. Ssh substitutes many of the functions of the
conventional login program. These functions are implemented in login.c.
You may need to modify this file to make it work on exotic systems.
Please send any modifications and bug fixes back to the author for inclusion
in the distribution. If you just want to try ssh, and cannot get this file
to compile, if is safe to define all of the functions as empty; however,
in that case logins will not be logged.
---------

So far, what I've seen from even the most recent version of openssh, it's still not supported. All the developers ever seem to say is "if you want the feature, add it yourself"...a typical response when its something this obscure I suppose. I'm going to post a new thread and give you the 8 points...you deserve it as you got me thinking and digging. thanks.

Jeff
Sometimes you're the windshield, sometimes you're the bug.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.