Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

lastb and last problems
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Woland
Apprentice
Apprentice


Joined: 02 Aug 2002
Posts: 248
Location: Russian Jack, Alaska
PostPosted: Wed Sep 11, 2002 7:20 am    Post subject: lastb and last problems Reply with quote
O. K. , I know there is no such thing as a stupid question, but this might come close. It's just that it seems so damn tricky.

My gentoo install seems to be working fine, just one hitch: though the last command will display all the users that have logged in on the machene, the lastb command simply does not exist. Yes, I have touched /var/log/btmp so it does exist, but it stays empty. Last itself resides in
/bin/last
but lastb is nowhere to be found. I guess I don't need lastb as such, since I can run last -f /var/log/btmp but if btmp does not get written to, I am out of luck, eh?

Any suggestions would be welcome.
Back to top
View user's profile Send private message
rac
Bodhisattva
Bodhisattva


Joined: 30 May 2002
Posts: 6553
Location: Japanifornia
PostPosted: Wed Sep 11, 2002 7:46 am    Post subject: Re: lastb and last problems Reply with quote
Woland wrote:
O. K. , I know there is no such thing as a stupid question, but this might come close.

Well, this answer is probably even stupider than the question. I think you can simply symlink /bin/last to /bin/lastb and get the lastb functionality. I just tried it and it complained about not finding /var/log/btmp. However, I think with PAM installed, /var/log/auth.log is the primary repository for information about failed login attempts. It may not be in the format you are looking for, though. Is this OK? There may be a way to configure PAM to log to btmp, but I haven't looked into it.
_________________
For every higher wall, there is a taller ladder
Back to top
View user's profile Send private message
Woland
Apprentice
Apprentice


Joined: 02 Aug 2002
Posts: 248
Location: Russian Jack, Alaska
PostPosted: Wed Sep 11, 2002 8:04 am    Post subject: Reply with quote
Well, in the slap on the forehrad and cry D'OH! department, I looked in /var/log and sure enough there is a whole pwdfail directory, which seems to do everything that btmp used to. Now it is back to the manual paged for me to figure out how to make logrotate keep the files in there a bit longer and not make three or four of these log files a day. If you might have the patience to suggest any network security monitoring tools, that work with all this new-fangled PAM stuff, I would be greatly obliged.

BTW, symlinking blast to last worked like a charm. I know that there are some clever programs which function differently when you run them through a symlink (bash, vim) but it always comes as a surpise. Not a soultion which would have come to me of its own, so I guess my n00b designation is still earned--in spite of the fact that my first distro was RedHat 2.1(ORA).

My hearfelt thanks for the speed of the reply, as well as for the reply itself.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy