Hi, podolica wrote on Sat, Jul 17, 2021 at 12:36:05PM +0000: > Philip Guenther <[email protected]> schrieb am 17. Juli 2021 um 11:09:
>> That file is specific to the 'login' command, specifically the >> source file /usr/src/usr.bin/login/failedlogin.c and consists of >> an array of the 'badlogin' structure specified there. If you want >> to dump its contents in a more readable format then you should write >> a small program to do so in C or some other language which can >> easily handle binary files. > Thank you, that seems to be an explanation. Lerning never stops :-) By the way, to help learning even more, part of what Philip explained can be guessed from the manual, even though it isn't fully spelled out. What one might do to find out is this: $ man failedlogin man: No entry for failedlogin in the manual. Hmm, that file does not have its own manual page in section 5. That means it is likely used by one single program only. But which one? $ man -k any=failedlogin login(1) - log into the computer Ah, bingo, so let's read that page! $ man login [...] If the file /var/log/failedlogin exists, login will record failed login attempts in this file. Immediately after logging a user in, login displays the system copyright notice, the date and time the user last logged in, the date and time of the last unsuccessful login (if the file /var/log/failedlogin exists), the message of the day as well as other information. [...] FILES [...] /var/log/failedlogin failed login account records Admittedly, that's the end of the documentation as far as i can see. If you wanted to know even more, you would then go read the source code of the program in question: $ which login /usr/bin/login Consequently, it likely lives in /usr/src/usr.bin/login/. Yours, Ingo
