deleting utmp and wtmp

Kernels & Hardware, configuring network, installing services

deleting utmp and wtmp

Postby kereberos » 2017-06-18 15:57

Every time i delete the following files to avoid loggings, they come back automagically...and i don't want this to happen.
Code: Select all
       /var/log/utmp
       /var/log/wtmp
       /var/log/btmp
       /var/run/utmp

What program recreates the above files on startup? and how to stop it? i want to delete them permanently.

From man last:
Code: Select all
NOTES
       The files wtmp and btmp might not be found. The system only logs infor‐
       mation  in  these files if they are present. This is a local configura‐
       tion issue. If you want the files to be used, they can be created  with
       a simple touch(1) command (for example, touch /var/log/wtmp).
yet something runs the equivalent of "touch /var/log/wtmp /var/log/utmp" without asking and this is bad.
kereberos
 
Posts: 62
Joined: 2011-05-23 09:12

Re: deleting utmp and wtmp

Postby phenest » 2017-06-18 16:18

Why do you want to delete them? Are they causing you problems?
NEC Spirit 550 P4 3.8GHz HT - 2GB RAM - nVidia 7600GT - Pioneer BDR-209DBK
ASUS Sabertooth P67 i7 3770K - 32GB RAM - 2x nVidia 660GTX SLI'd
User avatar
phenest
 
Posts: 1571
Joined: 2010-03-09 09:38
Location: The Matrix

Re: deleting utmp and wtmp

Postby kereberos » 2017-06-18 16:32

I want to disable the logging of logged in users.
kereberos
 
Posts: 62
Joined: 2011-05-23 09:12

Re: deleting utmp and wtmp

Postby kereberos » 2017-06-20 14:11

BUMP
kereberos
 
Posts: 62
Joined: 2011-05-23 09:12

Re: deleting utmp and wtmp

Postby kereberos » 2017-06-23 15:20

BUMP
kereberos
 
Posts: 62
Joined: 2011-05-23 09:12

Re: deleting utmp and wtmp

Postby kereberos » 2017-06-25 20:04

BUMP
kereberos
 
Posts: 62
Joined: 2011-05-23 09:12

Re: deleting utmp and wtmp

Postby VentGrey » 2017-06-25 20:52

Have you tried....I don't know following webpages advice?

https://www.cyberciti.biz/faq/howto-display-clear-last-login-information/

De-Bump
“I felt myself on the edge of the world; peering over the rim into a fathomless chaos of eternal night.”
― H.P. Lovecraft after trying Debian SidImage
User avatar
VentGrey
 
Posts: 161
Joined: 2016-04-26 23:57
Location: Guanajuato México

Re: deleting utmp and wtmp

Postby kereberos » 2017-06-26 14:47

1) If you empty the log-files you clear the logs... but it is expected they to come back in the future.
2) If you delete the log-files you clear the logs and prevent them from returning.
That is what the manual say (man last)

I don't want to clear the logs but to clear them permanently (so that they won't log anything anymore). Basically i want to do the thing #2. The article you linked talks about #1

It seems there is something (systemd? maybe i don't know no idea) that automatically recreates the deleted files. This gives other programs the opportunity to log new information.
The UNIX design is to work as in #2... but for some reasons deleting the files is not enough for Debian. I don't know if this is a issue only for Debian or all systems with systemd or what else. But the documented way just does not work. The documentation is wrong is a way or the other....and either way it is a shame nobody knows anything about the way logging works in Debian (i ain't talking to you VentGrey but all expert System Administrators and Users in this forum actually knowing shit about UNIX, Linux, Debian, systemd and everything. No idea why running a support forum if there's nobody able to give any effective support).

Long story short SOLUTION NOT yet FOUND BUMP
kereberos
 
Posts: 62
Joined: 2011-05-23 09:12

Re: deleting utmp and wtmp

Postby VentGrey » 2017-06-26 15:23

As far as google concerns there are no results on this, the only thing that I could find that was similar to what you requested is about truncating the wtmp file. :shock:

Code: Select all
KEEP=500
DEST=/scratch

# Delete all but last $KEEP lines from wtmp
/usr/lib/acct/fwtmp < /var/adm/wtmp > $DEST/wtmp.out
tail -$KEEP $DEST/wtmp.out | /usr/lib/acct/fwtmp -ci > /var/adm/wtmp

# Keep everything except last $KEEP line in $DEST bzip2 date-stamped file
sed -e :a -e '$d;N;2,'$KEEP'ba' -e 'P;D'  $DEST/wtmp.out | bzip2> $DEST/wtmp_$(date +%Y%m%d).bz2
rm $DEST/wtmp.out


source: http://www.unix.com/shell-programming-a ... files.html
“I felt myself on the edge of the world; peering over the rim into a fathomless chaos of eternal night.”
― H.P. Lovecraft after trying Debian SidImage
User avatar
VentGrey
 
Posts: 161
Joined: 2016-04-26 23:57
Location: Guanajuato México

Re: deleting utmp and wtmp

Postby kereberos » 2017-06-27 16:01

I did read the documentation. I did the search myself before posting. Google, bing, yahoo, duckduck, ixquick. You name it.
All to no avail.

The documentation is wrong and doesn't work. On the Internet nobody seems to have ever disabled the logging of logged-in users in recent Debian releases. On old releases without systemd, it seems the UNIX way was working. So i think this problem was introduced by systemd and systemd is recreating the deleted files (breaking the UNIX way to disable user-logging...)
Debian is going downhill so quickly. It is a pack of software piled up by stupid incompetents that don't even know what they're doing. No wonder nobody is able to answer a simple question such as a way to disable the logging system.

BUMP
kereberos
 
Posts: 62
Joined: 2011-05-23 09:12

Re: deleting utmp and wtmp

Postby GarryRicketson » 2017-06-27 16:29

No wonder nobody is able to answer a simple question such as a way to disable the logging system.

Regardless of the reason nobody can answer a simple question, it is obvious
nobody is going to answer, when nobody answers.
Repeatedly bumping the post is not going to change this.
Please read: Forum guidelines. Please read before first post!

And before getting mad, and upset,..Please read this thread:
http://forums.debian.net/viewtopic.php?f=30&t=133532&p=648141#p648141

Postby kereberos » 2017-06-27 10:01 >>Debian is going downhill so quickly. It is a pack of software piled up by stupid incompetents that don't even know what they're doing. No wonder nobody is able to answer a simple question such as a way to disable the logging system.


If you are really that unhappy with Debian, the way it is there is plenty
of other options, nobody is forcing you to use Debian.
If you don't like the free meal, either learn how to cook and make your own dinner, or go to a different "soup kitchen", or also you could try to help the workers, in the kitchen.
Thank you
-----------edited-------------------------
There is nothing wrong with not being happy with the way things are with Debian now, but calling people , the developers, and the people that try to help by keeping this forum on-line and available " stupid incompetents ", that is totally UN-called for, if you are so smart and perfect, Why don't you open up the source code, and edit the code that causes user login logs to be created, re-compile, it ? Could it be because you are also the same, as what you are calling others ? problem solved .
If any body knew of a simple , easy solution , I am sure they would have published it some where, and it would come up in searches, if someone here
knew of a easy simple solution, I am sure they would tell you, and share it.
Please stop bumbing this every day, even the bumping is not that bad, but to start calling everybody "" stupid incompetents ", is way off base.
Last edited by GarryRicketson on 2017-06-27 19:09, edited 1 time in total.
"What we expect you have already Done"

Before doing anything, read the Debian documentation:
Debian Documentation
How to ask the smart way
Debian Foro Español
======================
For the Birds
User avatar
GarryRicketson
 
Posts: 4588
Joined: 2015-01-20 22:16
Location: Durango, Mexico

Re: deleting utmp and wtmp

Postby reinob » 2017-06-27 17:39

kereberos wrote:I want to disable the logging of logged in users.


Have you already looked in /etc/login.defs?
That's the configuration for the login program.
Check:
LOG_OK_LOGINS
LOG_UNKFAIL_ENAB

and disable as required.

Please note that if you're using PAM some of the settings may be ignored, as PAM includes its own configuration.
For the record, I don't think that systemd has anything to do with this.. but you never know :)
reinob
 
Posts: 521
Joined: 2014-06-30 11:42

Re: deleting utmp and wtmp

Postby kereberos » 2017-06-28 12:51

There is documentation available in Debian about how all worked before (the UNIX way) and at the same time that documentation is outdated and does not work because there is systemd and some guys decided to push it inside Debian and weren't aware of what the f* they were doing at all. Red Hat's in command.
It's possible somebody will see this post and answer. This is why it's ok to BUMP the topic to keep it alive. At the same time i am very disappointed with a distro that was supposed to be stable and broke all the standards for no reason whatsoever. What the heck were those guys doing and thinking. Pushing non-standard unstable software without proper documentation and old, thus misleading, documentation into a stable distro. Sounds not smart.
This support forum is also very disappointing because nobody ever knows anything. I looked at other topics. The average quality of answers ranges from a "why are you asking it" to a "google it yourself". Your long lecture with no actual answer to solve the problem is actually indicative of my point. Nobody is forcing you to send unhelpful answers. When you suggest to switch distro you confirm this distro turned into total crap. Brilliant. GTFO.

Code: Select all
# Enable display of unknown usernames when login failures are recorded.
#
# WARNING: Unknown usernames may become world readable.
# See #290803 and #298773 for details about how this could become a security
# concern
LOG_UNKFAIL_ENAB        no

#
# Enable logging of successful logins
#
LOG_OK_LOGINS           no

Thank you for your useful attempt reinob. However these options look disabled by default. The problem is for sure caused by systemd... what else software would create on its own files on the filesystem breaking standards and the way other programs work... There is a mix of outdated and misleading docs that make difficult to understand what breaks what. That's also typical of badly designed system(d)s.
kereberos
 
Posts: 62
Joined: 2011-05-23 09:12

Re: deleting utmp and wtmp

Postby dilberts_left_nut » 2017-06-28 13:11

kereberos wrote:There is documentation available in Debian ... that documentation is outdated and does not work
So stop whining and file a bug report.

kereberos wrote:This is why it's ok to BUMP the topic to keep it alive.
No, that will just get your topic locked.
AdrianTM wrote:There's no hacker in my grandma...
User avatar
dilberts_left_nut
 
Posts: 4741
Joined: 2009-10-05 07:54
Location: enzed

Re: deleting utmp and wtmp

Postby GarryRicketson » 2017-06-28 15:11

by kereberos » Pushing non-standard unstable software without proper documentation and old, thus misleading, documentation into a stable distro. Sounds not smart.

There are 2 sides to that coin, and one can look through the forum and see
countless posts complaining and pushing for Debian to be "new and shiny",
like some of the other distros, and all though I am not positive on this , I do
suspect there was a lot of "pressure" from others, to try to get the new release
ASP, maybe many users need to think about it twice, before pressuring the "cooks" and trying to tell them to, "hurry up , just serve the "free meal",.. we don't like to wait, ... well now we see the results, a meal was served, not really ready to
eat,.. and the complaining continues.

There is documentation available in Debian about how all worked before (the UNIX way) and at the same time that documentation is outdated and does not work because there is systemd and some guys decided to push it inside Debian

Yes this is quite true, and is my reasons for sticking with "old stable" and Debian versions that are well established, and were released, before the "Big bang", so
to speak,..
Have you ever even thought about trying to help update the outdated documentation ? I have my doubts .
Even just user can join the wiki, and help with that, and there is a very real need for this,..
The same for the Debian.org web site, how ever it is some what more complicated, and that probably is part of the problem there.
by kereberos » Brilliant. GTFO.

You are a real winner, brilliant,...and of course you are all ways right, in any event , no point in arguing with a troll, it is a pointless waste of time, and there are 100s of pages on the wiki that need spanish translations, as well as being updated,... so any way,... that is all from me. I do have better things to do.
YES
User avatar
GarryRicketson
 
Posts: 4588
Joined: 2015-01-20 22:16
Location: Durango, Mexico

Next

Return to System configuration

Who is online

Users browsing this forum: wompa and 10 guests

fashionable