Managing wtmp

Manic supplied a quick command to manage the AIX wtmp file should it get too big for the system to handle.

Typically a last command will fail if the file is over 2Gb in size.

First convert the file to ASCII redirecting the output to a filesystem with enough space.

usr/lib/acct/fwtmp < /var/adm/wtmp > /tmp/wtmp.ascii.20110128

Now we compress it and clear out the original wtmp file.

compress /tmp/wtmp.ascii.20110128 >/var/adm/wtmp

If, however, you wish to just prune the file, in SunOS (for example) you can do…

/usr/lib/acct/fwtmp < /var/adm/wtmpx > /tmp/wtmpx.orig 
tail -20000 /tmp/wtmpx.orig > /tmp/wtmpx.new 
/usr/sbin/acct/fwtmp -ic < /tmp/wtmpx.new > /var/adm/wtmpx
rm /tmp/wtmpx.orig /tmp/wmtpx.new

A similar approach can be used in AIX.

By troyski

I'm a freelance UNIX engineer working in the UK. I'm married to Tina and between us we have six children. I'm a bit of an Apple fan boy, and all the Windows machines in the house are a thing of the past now.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Private