On 2024-05-31 01:05:51 +0800, Jun MO wrote:
> And if I understood correctly, wtmpdb require program use PAM to update
> wtmpdb, thus program not use PAM will still write /var/log/wtmp. For
> example, tmux write /var/log/wtmp via libutempter0 and I do not see tmux
> depends on pam.
GNU Screen and xterm also write to /var/log/wtmp via libutempter0. So
this is libutempter0 that should actually be fixed. There is no need
to change the interface, as utempter_add_record uses neither the time
nor a specific structure to write to the file:
int
utempter_add_record(int fd, const char *host);
utempter_add_record() function adds a login record to the database
for the TTY belonging to the pseudo-terminal master file descriptor
fd, using the username corresponding with the real user ID of the
calling process and the optional hostname host. This function spawns
a privileged process to perform the actual logging.
> $ cat /var/log/wtmp.1 /var/log/wtmp >> wtmp-combined
> $ last -f wtmp-combined
>
> The output will show when a user logout for those previously
> "gone - no logout" lines. I just realize this about a month ago.
Thanks. I didn't know that.
> I know there is a utmpdump(1) in the util-linux package, that is still
> available in 2.40.1-3 version. The command will dump more information
> than last(1); but it is for every single records, one may need to
> manually match login with logout, boot with shutdown, etc. Still it
> seems to me some information, e.g. exit_status, are still missing.
The host names are also dropped.
I've never seen an exit status. But the wtmp(5) man page says
"not used by Linux init(1)".
--
Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
