(SCO) The default root crontab cleans out /usr/adm/sulog, /etc/wtmp
and /etc/wtmpx on Sunday mornings. The script that does this is
(Linux) Logrotate does the cleaning, so modify /etc/logrotate.conf.
(BSD) uses "newsyslog".
But if system accounting is on, "runacct" does this.
If your machine is used at the time this script is run, you will
want to change the time in crontab. If you want more than 1 week's
information in these files, you need to change its frequency or
take it out all together.
# grep wtmp /etc/cleanup
# If accounting isn't enabled, clean up wtmp and wtmpx,
: Do nothing - accounting will clean up wtmp and wtmpx
[ -f /etc/wtmp ] && >/etc/wtmp
[ -f /etc/wtmpx ] && >/etc/wtmpx
Having that run on Sunday is not ideal for forensics - "who logged in over the w
weekend?" is not an unusual question.
A good modification might be to output "last" to a file before cleaing it.
Got something to add? Send me email.
Increase ad revenue 50-250% with Ezoic