ben@syska.com (05/02/91)
A colleage has a need to find out whether a log is maintained of dialup logins. I don't even know if/ where the general log of user logins is maintained. Can some one give us some info on this? Please reply to this account or send mail to: uu.psi.com!syska.com!ela Thanks, Ben _______________________________________________________________________ Ben Olasov ben@syska.com
toma@swsrv1.cirr.com (Tom Armistead) (05/03/91)
In article <26731@adm.brl.mil> ben@syska.com writes: >A colleage has a need to find out whether a log is maintained of >dialup logins. I don't even know if/ where the general log of user >logins is maintained. Can some one give us some info on this? > >Please reply to this account or send mail to: > >uu.psi.com!syska.com!ela > > >Thanks, > > >Ben > > >_______________________________________________________________________ >Ben Olasov ben@syska.com An entry is written to /etc/wtmp for every process that init starts. One record for when the task starts and one when it stops. This includes getty. So... You can run who on /etc/wtmp and get a list of logins back to the time when that file was last re-initialized, which is at least every day if Process Accounting is running. e.g. $ who /etc/wtmp # When they logged on $ who -a /etc/wtmp | grep username # When they logged on and off If this isn't what you want, I have a daemon process that prints a message to my terminal whenever someone logs in, it could be easily modified to put the messages to a file (and print when they log out too). If you would like a copy of this, let me know and I'll mail it to you. p.s. I can only speak for System V Unix's (I've never tried this on with others). Tom -- Tom Armistead - Software Services - 2918 Dukeswood Dr. - Garland, Tx 75040 =========================================================================== toma@swsrv1.cirr.com {egsner,letni,ozdaltx,void}!swsrv1!toma
toma@swsrv1.cirr.com (Tom Armistead) (05/05/91)
In article <1991May3.040622.1657@swsrv1.cirr.com> toma@swsrv1.cirr.com (Tom Armistead) writes: > >If this isn't what you want, I have a daemon process that prints a message to >my terminal whenever someone logs in, it could be easily modified to put the >messages to a file (and print when they log out too). If you would like a copy >of this, let me know and I'll mail it to you. > >p.s. I can only speak for System V Unix's (I've never tried this on with > others). > I've had enough mail requests for this, so here is my my program. I know this is not a sources group, but it's a short program... For those of you that I mailed this program to; I added the code to print LOGOUT information also. If you want to run this program as a REAL daemon, the easiest way would to be to nohup it (i.e. 'nohup chklogin >chklogin.log&'). Remember, I've only run this on System V... Tom -- Tom Armistead - Software Services - 2918 Dukeswood Dr. - Garland, Tx 75040 =========================================================================== toma@swsrv1.cirr.com {egsner,letni,ozdaltx,void}!swsrv1!toma /* ============== chklogin.c - CUT ALL ABOVE THIS LINE =====================*/ /***************************************************************************** ** File: chklogin.c ** Description: Print out a message for every new user that logs in. ** History: 01-Aug-1990, Tom Armistead - original version. ** 04-May-1991, Tom Armistead - Added code to print logout info. ** ** Instructions: ** $ cc -o chklogin chklogin.c ** $ ./chklogin ** Or $ ./chklogin <interval> ** Where interval is the delay time in seconds between looking ** for new logins (the default is 15 seconds). ** ******************************************************************************/ #include <stdio.h> #include <sys/types.h> #include <sys/stat.h> #include <fcntl.h> #include <utmp.h> #include <signal.h> #include <string.h> #define FALSE 0 #define TRUE 1 #define INTERVAL 15 /* default sleep time between wtmp checks */ /* ** Local routines. */ void chklogin(); /* check for new entries in wtmp file */ void print_new_logins(); /* print new entries in wtmp file */ /* ** O.S. routines. */ int atoi(); int close(); char * ctime(); int fork(); int open(); void perror(); unsigned sleep(); int stat(); time_t time(); struct utmp *getutent(); void setutent(); void endutent(); void utmpname(); /***************************************************************************** ** Main ******************************************************************************/ void main( argc, argv ) int argc; char *argv[]; { int pid; if( (pid=fork()) == 0 ) /* create child process to do the work */ { int interval=INTERVAL; /* default interval to check for new logins */ fclose( stdin ); /* no need for keyboard input after fork'd */ close( 0 ); signal( SIGINT, SIG_IGN ); /* don't allow keyboard to kill program */ signal( SIGABRT, SIG_IGN );/* or core dump it either */ if( argc > 1 ) /* if any command line arguments */ interval = atoi( argv[1] );/* assume it is check intervals */ chklogin( interval ); /* Check for new user logins */ }/*end if fork*/ else if( pid == -1 ) /* else if fork error */ perror( "fork" ); /* print the error to stderr */ }/*end main*/ /***************************************************************************** ** Name: void chklogin( void ) ** Description: Loop forever, checking the last modified time of the wtmp file ** and calling print_new_logins() when it gets modified. ** ******************************************************************************/ void chklogin( interval ) int interval; { time_t mtime; /* time wtmp file last modified */ struct stat stat_buf; /* for call to fstat */ for( mtime = time( (time_t *)0 );; sleep( interval ) ) { /********************************************************************* ** If stat() fails for any reason then the wtmp file is probally being ** re-initialized. In which case, skip this check interval. ** ** If the wtmp file has been modified since the last check, call ** print_new_logins() to check for any new logins and print out the ** desired info. **********************************************************************/ if( stat( WTMP_FILE, &stat_buf ) != -1 && stat_buf.st_mtime > mtime ) { print_new_logins( mtime ); /* display new login info*/ mtime = stat_buf.st_mtime; /* save new modified time*/ } }/*end for*/ }/*end chklogin*/ /***************************************************************************** ** Name: void print_new_logins( int since ) ** Description: Print all USER_PROCESS entries from the wtmp file that have ** been created since the passed time. ** ******************************************************************************/ void print_new_logins( since ) time_t since; { static int called=FALSE; /* has this routine been called? */ register struct utmp *utent; /* for call to getutent() */ if( called != FALSE ) /* if not already called */ { called = TRUE; /* show not 1st time anymode */ utmpname( WTMP_FILE ); /* set filename for getutent */ } setutent(); /* opent the wtmp file */ /************************************************************************* ** Read through entire wtmp file, looking for any entries that have a time ** greater than the one passed that are USER processes and print the login ** name of each one found. **************************************************************************/ while( (utent = getutent()) != NULL ) { if( utent->ut_time > since ) /* if this is a new wtmp entry */ { /***************************************************************** ** If this is a new user login entry, then print the login tty, ** the user id and the time of login. ******************************************************************/ if( utent->ut_type == USER_PROCESS ) printf( "\nLOGIN: (%.12s) %.8s - %s", utent->ut_line, utent->ut_user, ctime( &utent->ut_time )); /***************************************************************** ** If this is a login process entry (user logging out) then print ** the tty, and the time the entry was made (when the user logged ** out). ******************************************************************/ else if( utent->ut_type == LOGIN_PROCESS ) { char *ptr=strrchr( utent->ut_line, '/' );/* remove full path */ printf( "\nLOGOUT: (%.12s) - %s", ptr ? ptr+1 : utent->ut_line, ctime( &utent->ut_time ) ); } }/*end if ut_time*/ }/*end while gtutent*/ endutent(); /* close the wtmp file */ }/*end print_new_logins*/ /*end chklogin.c*/ /* ============== chklogin.c - CUT ALL BELOW THIS LINE =====================*/ -- Tom Armistead - Software Services - 2918 Dukeswood Dr. - Garland, Tx 75040 =========================================================================== toma@swsrv1.cirr.com {egsner,letni,ozdaltx,void}!swsrv1!toma