How to read wtmp & utmp
Elaine Poulsen
When I try to more, cat, or view them with an editor it
messes up my terminal. What should I be doing right?
--
Elaine Poulsen TIAER: Tex Institute for Appl. Env. Research
Web Designer MailStop T-0410, 201 St. Felix
817/968-9xxx Tarleton State University
fax 968-9568 Stephenville, TX 76402
Zenon Fortuna
Elaine Poulsen <stz6ft3@PROBLEM_WITH_INEWS_DOMAIN_FILE> wrote:
>How do I read what is in my utmp and wtmp files in Linux.
>When I try to more, cat, or view them with an editor it
>messes up my terminal. What should I be doing right?
>
The utmp/wtmp files are binary. Each entry is of the "struct utmp" type.
Utilities like "last" or "who" read those records and parse their contents.
To see the strings inside the utmp/wtmp file use
% strings /var/adm/utmp
or
% od -c /var/adm/utmp
Zenon
Glenn T. Jayaputera
>How do I read what is in my utmp and wtmp files in Linux.
>When I try to more, cat, or view them with an editor it
>messes up my terminal. What should I be doing right?
Yeah... I would like to know too... what they are for?
cheers
glenn tesla
Pete Glasscock
utmp hold information about the users currently logged onto your system. It
is used for things such as 'wall' and 'who'. Similarly, wtmp contains info
about all previous log-ins. I myself regularly clean this one up.
You can read them from C. I'm not sure of any way of reading them from the
shell. You could try 'who' :-)
Pete
--
Peter Glasscock | Churchill College | If God is perfect, why did He
Asst Computer Officer | CAMBRIDGE CB3 0DS | invent discontinuous functions?
Mike Herman
wtmp keeps a running record of who has logged in.
The who command can read both. With no options, who reads utmp.
who followed by the path to the wtmp file, will spit out the list of
logins since the file was created.
--
--------------------------------------------------------------------------
Mike Herman mi...@hernix.org hernix!mike
Hernix provides low volume email and UUCP feeds in the Cleveland area.
--------------------------------------------------------------------------
Scott Burkett
: When I try to more, cat, or view them with an editor it
: messes up my terminal. What should I be doing right?
A bit off-topic for this newsgroup, but check into the getutent() and
endutent() library functions. They should be available via your manual
pages.
Regards.
--
Scott Burkett, sco...@intnet.net | Co-Author of the Linux Programmer's Guide
Computerpeople/DCI, Inc. | URL: http://www.wta.com/tblgnuts
St. Petersburg, Florida, USA | Tampa Bay Linux GNU Technical Society
Harry Leong Hong Ho
PLEASE help me!
I have downloaded linux slackware 2.2.0, use bare12 and umsdos12 as boot and t disks. When i tried to boot disk bootdisk, it displayed this message:
...
...
hda: IRQ probe failed (0)
and then the system hanged (LED of a: was on, and i could hear the sound)
Can someone tell me what's wrong? Is that a problem with my HD? I realy need hel
My PC setting: 386DX 33MHz, 114 HD(drive c), 1.2 FD(the one i use to boot, a:)
IDE controller, VGA card.
And also, how to make my b: bootable? It's a 1.44 FD. Thank you in advance.
H Ho
Mitch Rybczynski
I've had the same problem with booting from the bare144 kernel.
My machine is a P90 on an old 'MC2' motherboard, 8MB, 504 MB HD on a PCI-IDE
controller.
I've tried playing with the bios chipset settings, but to no avail...
As for booting from your 1.44 FD, either try your bios for a floppy boot setup. Or
physically change the controller cable attachment from your 1.2 to 1.4 and vice
versa.
----
Mitch Rybczynski | The preceeding was pure personal
mitch.ry...@nt.com | opinion. Well, maybe not _pure_
Mike Green
>
>Glenn T. Jayaputera <g...@budgie.apana.org.au> wrote:
>>stz6ft3@PROBLEM_WITH_INEWS_DOMAIN_FILE (Elaine Poulsen) writes:
>>
>>>When I try to more, cat, or view them with an editor it
>>>messes up my terminal. What should I be doing right?
>>
Try the last command. Or, man last.
Robert Hart
I knocked together this quick little perl script to do this...
#!/usr/bin/perl
#
# Print the utmp/wtmp file entries.
#
# Invocation: p_uwtmp <filename>
#
# Robert Hart (ha...@hedunx.hedland.edu.au) July 1995
#
# Because of some weirdness in Perl, the effective utmp definition is:-
#
# struct utmp {
# 2 bytes short ut_type; /* type of login */
# 2 bytes short dummy1; /* unused !!! */
# 4 bytes pid_t ut_pid; /* pid of process - long*/
# 12 bytes char ut_line[12]; /* device name of tty -"/dev/"
*/
# 2 bytes char ut_id[2]; /* init id or abbrev. ttyname */
# 2 bytes short dummy2; /* unused !!! */
# 4 bytes time_t ut_time; /* login time - long*/
# 8 bytes char ut_user[8]; /* user name, not null-term */
# 16 bytes char ut_host[16]; /* host name for remote login */
# 4 bytes long ut_addr; /* IP addr of remote host */
# };
$rec = 56; # the number of bytes in the u/wtmp record
require "ctime.pl"; # convert unix time to human readable
# test we were called correctly...
if (scalar(@ARGV == 0)) {
printf("p_uwtmp: I require the name of a u/wtemp file\n");
exit;
}
# test the passed filename exists and is not zeo length...
if (!(-r $ARGV[0]) || (-z $ARGV[0])) {
printf("p_uwtmp: %s does not exist, is not readable or is zero
length\n",$ARGV[0]);
exit;
}
#
# OK - we can read the file and it has something in it
#
printf("Read from file %s\n\n",$ARGV[0]);
open(INF, $ARGV[0]); # open the passed file for reading
$offset = 0; # we start at the beginning...
while (read(INF,$buf,$rec)) { # keep looping to the end of file
@utmp = unpack("S S L a12 a2 S L a8 a16 S S S S",$buf);
printf("Login type : %s\n",$utmp[0]);
printf("Pid : %s\n",$utmp[2]);
printf("Device : %s\n",$utmp[3]);
printf("Init id/dev : %s\n",$utmp[4]);
printf("Log in at : %s",&ctime($utmp[6]));
printf("User : %s\n",$utmp[7]);
printf("Remote host : %s\n",$utmp[8]);
printf("IP number :
%s.%s.%s.%s\n\n",$utmp[9],$utmp[10],$utmp[11],$utmp[12]);
sleep(5);
}
--
---
Robert Hart ha...@hedunx.hedland.edu.au
Voice: +61 (0)91 72 0429 Fax: +61 (0)91 72 3560
Hedland College, PMB 1, South Hedland WA 6722 Australia