Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Warning: utmp must not be writable, because many system programs (foolishly) depend on its integrity. You risk faked system logfiles and modifications of system files if you leave utmp writable to any user.
utmp is a binary file whose structure is given in the utmp.h include file for your version of utmp.h.
utmp/wtmp is not supposed to be edited as it is a log of activity. Entries are created by privileged applications (by writing a partial record) then the record is completed with the application terminates.
Partial records imply that something significant happened that wasn't supposed to happen.
utmp/wtmp is also not exactly a reliable file - it only records terminal use (including X server and logins). But the records for gdm are almost always wrong (it puts entries in, but doesn't necessarily close them properly).
Why i need the answer is because one of my friend knew the answer for this question.
He knew how to delete a single line from wtmp though it is a binary file.
He just challenged me to get the answer? But am trying a lot, even i cannot able to read the file..
Yes i know it is a critical file, but please tell me the solution for this. How to see and delete a single line which we wish to delete in wtmp.
Why i need the answer is because one of my friend knew the answer for this question.
He knew how to delete a single line from wtmp though it is a binary file.
He just challenged me to get the answer? But am trying a lot, even i cannot able to read the file..
Yes i know it is a critical file, but please tell me the solution for this. How to see and delete a single line which we wish to delete in wtmp.
It is not a critical file. If it is deleted, a new one would get created.
It is used sometimes for accounting purposes, but even there, it isn't absolutely critical. It is only used
to collect a sequence of process accounting records into single "job".
Look at the manpage for wtmp. it is a random access file, and rather easily tampered with for the system admin.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.