Kristijan.org

Maintain wtmp on AIX

Posted by Kristijan on Tuesday, April 13th, 2010

/var/adm/wtmp on AIX maintains a list of past user sessions and information about the restart/shutdown of that particular system. While this file is normally very small in terms of file size, on an active box, this can grow if not properly maintained. You can use the “last” command to read wtmp, or export it to a text file for further processing with “fwtmp”. While you can simply redirect nothing into wtmp to empty it out “>/var/adm/wtmp”, it’s always a good idea to keep this file (or at least a backup) for security/auditing reasons.

Below is a simple script which will rotate the last 1000 entries in wtmp and discard the rest.

#!/bin/ksh
#
# Maintain the last 1000 lines in /var/adm/wtmp
# and discard the rest.
#
if [ -s /var/adm/wtmp ]; then
   /usr/sbin/acct/fwtmp < /var/adm/wtmp > /tmp/wtmp.tmp
   /usr/bin/tail -1000 /tmp/wtmp.tmp | /usr/sbin/acct/fwtmp -ic > /var/adm/wtmp
   /usr/bin/rm /tmp/wtmp.tmp
else
   continue
fi

Run it out of crontab nightly or whenever suits you.

Posted in: Shell Scripting.

3 Responses to “Maintain wtmp on AIX”

1. MarkSpizer Says:
   May 2nd, 2010 at 10:42 pm

   great post as usual!

2. Wordpress Themes Says:
   May 4th, 2010 at 4:44 am

   Nice post and this post helped me alot in my college assignement. Gratefulness you as your information.

3. school grants Says:
   May 15th, 2010 at 2:09 pm

   I’ve recently started a blog, the information you provide on this site has helped me tremendously. Thank you for all of your time & work.

Leave a Reply

Name (required)

Mail (will not be published) (required)

Website