Kónya Zoltán wrote: >> Kozben jott egy otletem: a logrotate "elrontja" a regi wtmp-t, igy a >> regieket is vegig kene nezni. >> >> > nem hiszem, hogy ez lenne a gond > mintha csak nagyon "rendszerbelépéseket" hozna, pl. runlevel, reboot, > local login, de fura, van egy ssh is > a logrotate aug. 1-én kezdte az új fájlt, s progik hoznak júliusi > belépést is? > > c - ennyi az össz belépés , mint már írtam, rengeteg ftp/ssh loginnak > kellene lennie - > Ty PID Line ID User Last > login Host > -- ------ ---------- ---------- ---------------- > --------------------- -------- > 8 450 si Sat 2009-07-18, 19:18 > 2 0 ~ ~~ reboot Sat 2009-07-18, 19:18 > 1 20018 ~ ~~ runlevel Sat 2009-07-18, 19:18 > 8 4338 l2 Sat 2009-07-18, 19:19 > 6 5145 tty1 1 LOGIN Sat 2009-07-18, 19:19 > 6 5146 tty2 2 LOGIN Sat 2009-07-18, 19:19 > 6 5147 tty3 3 LOGIN Sat 2009-07-18, 19:19 > 6 5148 tty4 4 LOGIN Sat 2009-07-18, 19:19 > 6 5149 tty5 5 LOGIN Sat 2009-07-18, 19:19 > 6 5150 tty6 6 LOGIN Sat 2009-07-18, 19:19 > 8 32057 pts/0 ts/0 Mon 2009-07-20, 16:07 > 7 13744 pts/2 ts/2 root Mon 2009-08-10, > 09:42 mail.tavoligep.hu > 8 19979 pts/4 ts/4 Fri 2009-08-07, 12:37 > 8 22821 pts/3 ts/3 Fri 2009-07-31, 12:50 > > perl - ez is annyit hoz mint a c prog -: > pl. > MainKey: ut_tv -> HASH(0x81c526c) > SubKey: 33603 > SubKey: 1247937512 > MainKey: ut_line -> ~ > MainKey: ut_time -> 1247937512 > MainKey: ut_id -> ~~ > MainKey: ut_host -> > MainKey: ut_addr -> > MainKey: ut_exit -> HASH(0x81c5128) > SubKey: 0 > SubKey: 0 > MainKey: ut_pid -> 20018 > MainKey: ut_user -> runlevel > MainKey: ut_type -> 1 > Ilyet szeretnel?
r...@x232-2:~# last USER TTY HOST LOGIN TIME root pts/2 sk8n.nns.hu Aug 10 14:54 root pts/3 sk8n.nns.hu Aug 10 14:00 HalaszGabor pts/1 sk8n.nns.hu Aug 10 13:56 HalaszGabor pts/0 sk8n.nns.hu Aug 10 13:42 root pts/0 sk8n.nns.hu Aug 10 13:42 root pts/0 Aug 10 12:27 root pts/0 Aug 10 12:27 root pts/1 sk8n.nns.hu Aug 10 12:25 root pts/0 sk8n.nns.hu Aug 10 12:24 root pts/2 ga-k8nf-9-1.nns.hu Aug 9 01:28 root pts/5 ga-k8nf-9-1.nns.hu Aug 9 00:21 root pts/4 nstation-1.nns.hu Aug 8 23:53 Ehhez eloszor is el kell olvasni a man wtmp-t: The wtmp file records all logins and logouts. Its format is exactly like utmp except that a null user name indicates a logout on the associated terminal. Furthermore, the terminal name ~ with user name shutdown or reboot indicates a system shutdown or reboot and the pair of terminal names |/} logs the old/new system time when date(1) changes it. wtmp is maintained by login(1), init(1), and some versions of getty(8). Neither of these programs creates the file, so if it is removed, record-keeping is turned off. Mivel az ssh nem login, nem init, plane nem getty, igy ismet olvasas kovetkezik, man sshd_config: UseLogin Specifies whether login(1) is used for interactive login sessions. The default is ``no''. Note that login(1) is never used for remote command execution. Note also, that if this is enabled, X11Forwarding will be disabled because login(1) does not know how to handle xauth(1) cookies. If UsePrivilegeSeparation is specified, it will be disabled after authentication. A harmadik dologot nem tudom, hogyan tudod egyszeruen megvalositani, de ki kell dobni a hulladek sysv-init csomagot vagy egy reszet: r...@x232-2:~# last -v BusyBox v1.14.3 (2009-08-05 15:13:07 CEST) multi-call binary Usage: last Show listing of the last users that logged into the system -- Gabor HALASZ <halas...@freemail.hu> _________________________________________________ linux lista - linux@mlf.linux.rulez.org http://mlf2.linux.rulez.org/mailman/listinfo/linux