How to remove dead or deatched users from Ubuntu Server 8.04.
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How to remove dead or deatched users from Ubuntu Server 8.04.
Im running a server on Ubuntu 8.04 and I have this weird stuff going on in it... if i check the system with "w" or "uptime" it shows me more users than they are actually logged in.
If i check with "who" everything seems fine, just users who are logged in are shown, but if i use "pinky" i get this:
root is not logged in at all, actually wasnt logged in for like 42/96 days, but uptime or w still seems them somehow, just "who" doesnt and pinky does show them.
How can I "kill" or remove this? Does anyone know or does anyone know why this happens, coz on my CentOS boxes this never happened and never happens, and dont know how to deal with it.
No man, you didnt get the point, this users are not logged in anymore, they werent logged in for 90 days or 40 days already. Its just somehow dead or detached, I dont even know how to explain, coz it never happened to me before.
Login timeout is something else, it has to do with user which are logged in the system and if there is no activity they will be automatically logged out.
I usually remove dead users by calling the county coroner; if they've been dead several days I call the police. I've never had to remove one myself yet.
It sounds like you have a problem with the utmp file.
Unfortunately I don't know of any way of fixing this except by writing specialized code.
man utmp
man logout
man getutent
One other way (which is not necessarily good on a production system) is to kick everyone off then wipe the utmp file.
It would be good figure out know why the utmp file was not correctly updated. Have you run rootkit detectors to try to see if this artefact might be due to tampering by a r00tkit?
I have moved utmp into a backup and created a new. Seems that it works now, also I do not believe and think I wasnt compromised, im pettry sure actually, and this always happen on Ubuntu, never on CentOS.
Even if its a fresh install of the system, and left for 2-3 days, this will happen again, but dont understand why exactly.
Same shit happen on my laptop using Ubuntu Desktop 8.04, so the system is not compromised, its just defected by default
I think I have to submit this as a bug to ubuntu.
Last edited by robertjinx; 11-26-2008 at 03:31 PM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.