RE: Rebuilding wtmp
Nevermind, I figured it out. I needed to rebuild ssh. Thanks everyone.
-Kyle Mott
> -Original Message-
> From: aardvark [mailto:[EMAIL PROTECTED]
> Sent: Monday, July 12, 2004 4:40 PM
> To: Kyle Mott
> Cc: [EMAIL PROTECTED]
> Subject: Re: Rebuilding wtmp
>
> Kyle Mott disturbed my sleep to write:
> > I read a few manpages and did some google'ing, and couldn't find
much of
> > anything about rebuilding wtmp. I tried just moving wtmp to wtmp.old
and
> > then doing 'touch wtmp', then logging out and back in, but it still
> > reads 31Dec69. Is there some way to fix this? Thanks all.
>
> It's possible that there's some process holding open wtmp. (You could
> check this by adding lsof ("list open files") from ports -- *very*
handy
> to have around on general principle). If this is the case, probably
> the easiest way to fix things would be to rename the file, touch wtmp,
> then reboot.
>
> Interestingly enough, a Google for "wtmp freebsd" turned up this
message
> from the FreeBSD-Security list:
>
> http://archives.neohapsis.com/archives/freebsd/2001-07/0055.html
>
> which suggests "cp /dev/null /var/log/wtmp" to fix things -- at least
on
> Solaris.
>
> I am now blessing your keyboard...
>
> --
> Saint Aardvark the Carpeted
> [EMAIL PROTECTED]
> Because the plural of Anecdote is Myth.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Rebuilding wtmp
> -Original Message-
> From: aardvark [mailto:[EMAIL PROTECTED]
> Sent: Monday, July 12, 2004 4:40 PM
> To: Kyle Mott
> Cc: [EMAIL PROTECTED]
> Subject: Re: Rebuilding wtmp
>
> Kyle Mott disturbed my sleep to write:
> > I read a few manpages and did some google'ing, and couldn't find
much of
> > anything about rebuilding wtmp. I tried just moving wtmp to wtmp.old
and
> > then doing 'touch wtmp', then logging out and back in, but it still
> > reads 31Dec69. Is there some way to fix this? Thanks all.
>
> It's possible that there's some process holding open wtmp. (You could
> check this by adding lsof ("list open files") from ports -- *very*
handy
> to have around on general principle). If this is the case, probably
> the easiest way to fix things would be to rename the file, touch wtmp,
> then reboot.
>
Thank's for the lsof tip, though I couldn't find anything using wtmp.
I've tried rebooting with an empty wtmp plenty of times before, all to
no avail.
> Interestingly enough, a Google for "wtmp freebsd" turned up this
message
> from the FreeBSD-Security list:
>
> http://archives.neohapsis.com/archives/freebsd/2001-07/0055.html
>
> which suggests "cp /dev/null /var/log/wtmp" to fix things -- at least
on
> Solaris.
>
I tried this already, and it didn't work. On a system that I have a
good, uncorrupted version of wtmp, I can do 'mv wtmp wtmp.old && touch
wtmp', then logout and log back in, and it reports the dates fine. I can
also write a bunch of gibberish to wtmp (via /dev/random), and then
logout and back in, and it still reports the dates correctly. I'm just
confused.
-Kyle Mott
> I am now blessing your keyboard...
>
> --
> Saint Aardvark the Carpeted
> [EMAIL PROTECTED]
> Because the plural of Anecdote is Myth.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Rebuilding wtmp
Kyle Mott disturbed my sleep to write:
> I read a few manpages and did some google'ing, and couldn't find much of
> anything about rebuilding wtmp. I tried just moving wtmp to wtmp.old and
> then doing 'touch wtmp', then logging out and back in, but it still
> reads 31Dec69. Is there some way to fix this? Thanks all.
It's possible that there's some process holding open wtmp. (You could
check this by adding lsof ("list open files") from ports -- *very* handy
to have around on general principle). If this is the case, probably
the easiest way to fix things would be to rename the file, touch wtmp,
then reboot.
Interestingly enough, a Google for "wtmp freebsd" turned up this message
from the FreeBSD-Security list:
http://archives.neohapsis.com/archives/freebsd/2001-07/0055.html
which suggests "cp /dev/null /var/log/wtmp" to fix things -- at least on
Solaris.
I am now blessing your keyboard...
--
Saint Aardvark the Carpeted
[EMAIL PROTECTED]
Because the plural of Anecdote is Myth.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Rebuilding wtmp
Hi, I have several systems that report 'w' and 'who' wrong/corrupted: [EMAIL PROTECTED]:~# w USER TTY FROM LOGIN@ IDLE WHAT kyle p0 -31Dec69 - w Obviously, Dec 31st 1969 is not right: [EMAIL PROTECTED]:~# date Mon Jul 12 11:27:15 PDT 2004 I read a few manpages and did some google'ing, and couldn't find much of anything about rebuilding wtmp. I tried just moving wtmp to wtmp.old and then doing 'touch wtmp', then logging out and back in, but it still reads 31Dec69. Is there some way to fix this? Thanks all. (Note: Please CC me in any replies, I'm not a member of -questions). -Kyle Mott ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
