Hi everyone,
At work we were told to check the list of users of an application server and delete all those that have left the company or don't need access to the application anymore. Here's what I came up with. Would you be as kind as to tell me your opinion and whether there is a faster / easier way to accomplish the same thing?
1) Save the list of user names (1st field in /etc/passwd) in a text file (~500 users).
2) Merge /var/log/wtmp and /var/log/wtmp.1 (logrotate is configured to keep only 1 rotated wtmp log) into a single file with
3) Convert the wtmp file (which is of type data):
to a plain text file sorted by 1st field (user names) and filtered by last occurrence of user name:
4) Check one by one the list of users created in step #1 to see whether they appear in the wtmp.txt file. If they don't appear in this file, which lists the logins for the current and past month, it means they haven't logged on during the same period, and we can consider deleting them.
5) Each "inactive user" is logged into
Some points to consider:
1) Here's the section of /var/log/wtmp in our logrotate.conf file:
Unfortunately, we can't edit it.
2) For the same reasons as above we can't use chage either to disable accounts.
I hope I made myself clear enough . Any suggestions will be more than welcome.

I would run:

This will give you a list of users not found.

On a side topic, the package acct might interest you.

1 members found this post helpful.

If I am not mistaken, the users command only shows the users that are currently logged on to the current host (from man users), and I need to check the whole list of local users (as found in /etc/passwd) and see which ones have logged on at least once during the period of time recorded in wtmp (and wtmp.1, after wtmp is rotated).
So, IMHO (please feel free to correct me if I'm wrong) the following one-liner
will examine the wtmp logs and look whether the users that are currently logged on are present in those logs.
I will mark your thread as helpful because this will definitely come in handy one of these days .
Also, I will be a follower of your blog. Nice job there! And that is so cool that you were a part of the team behind the Happy Feet 2 movie!

Hey gacanepa

Thanks It was a good experience, some high end tech gear used to make animations.

My mistake on the command, I meant to add a disclaimer that the "users" would be the file of users you mentioned you created from the passwd file.

Something simple like:

So you could combine that all in one with:

That'll work for you.

1 members found this post helpful.

Oh I see now . This works fairly well - I'll just need to add a little tweaking in order to consider only "real" users and not daemons (forgot to say that in my first post) - but that will be a piece of cake. You have pointed me in the right direction and that's enough for me. I will also mark your last post and helpful and this thread as solved.
On a side note, if you don't mind, I'll send you my personal email address so you can -when you have one minute or 2- fill me in a little of your work in the Happy Feet movie. I am always curious of the "real world applications" (which distros, applications for animations used in the movie, etc) of Linux besides the enterprise environment - which is what I have the most experience on.

No worries at all.

Great. Sent you an email to the address listed in your blog. Thanks again!