[comp.unix.wizards] wtmp problem

todd@uhccux.UUCP (02/09/87)

I have a VAX 8650 running Ultrix 1.2 and just ran across a problem with
my wtmp file that puzzled me.  It seems that logins were not being
logged into the wtmp file as usual.  The wtmp file was not particularly
large (just over 100K) and was nulled eight days ago.  Everything else
on the system seemed fine.  I did a

	cp /dev/null /usr/adm/wtmp

to clear the log file and that seemed to restart logging properly.

Has anyone else running Ultrix or 4.2BSD had this problem with wtmp?

Any hints on what happened would be appreciated.  I've never seen this happen
before....todd

-- 
Todd Ogasawara, U. of Hawaii Computing Center
UUCP:		{ihnp4,seismo,ucbvax,dcdwest}!sdcsvax!nosc!uhccux!todd
ARPA:		uhccux!todd@nosc.ARPA
INTERNET:	todd@UHCC.HAWAII.EDU

grr@cbmvax.UUCP (02/10/87)

In article <314@uhccux.UUCP> todd@uhccux.UUCP (The Perplexed Wiz) writes:
>I have a VAX 8650 running Ultrix 1.2 and just ran across a problem with
>my wtmp file that puzzled me.  It seems that logins were not being
>logged into the wtmp file as usual.  The wtmp file was not particularly
>large (just over 100K) and was nulled eight days ago.  Everything else
>on the system seemed fine.
>to clear the log file and that seemed to restart logging properly.
>Has anyone else running Ultrix or 4.2BSD had this problem with wtmp?
>Any hints on what happened would be appreciated.  I've never seen this happen
>before....todd
>
>Todd Ogasawara, U. of Hawaii Computing Center

Just noticed something similar here a day or two ago.  Actually, it looks
like wtmp is ok, but the last command is digging up garbage somewhere.
I haven't had time to dig into it yet.  We have also seen situations where
the user-id vs terminals reported by w are out of sync and talk seems to
go to the wrong person!

We're running Ultrix 1.2 on 750...
-- 
George Robbins - now working for,	uucp: {ihnp4|seismo|rutgers}!cbmvax!grr
but no way officially representing	arpa: cbmvax!grr@seismo.css.GOV
Commodore, Engineering Department	fone: 215-431-9255 (only by moonlite)

avolio@decuac.UUCP (02/12/87)

In article <314@uhccux.UUCP>, todd@uhccux.UUCP (The Perplexed Wiz) writes:
> I have a VAX 8650 running Ultrix 1.2 and just ran across a problem with
> my wtmp file that puzzled me.  It seems that logins were not being
> logged into the wtmp file as usual.  The wtmp file was not particularly
> large (just over 100K) and was nulled eight days ago.  

I am assuming that /usr was not over 97% or so used? (When you do a
"df /usr")  If this is the case it means that writing stopped because
the fopen to append to /usr/adm/wtmp failed due to insufficient space.
If this is not the case, more information might be in order.  Drop me
a note with more info and if/when it gets solved you can summarize to
the net.

-Fred-
humu!nosc!sdcsvax!seismo!decuac!avolio
avolio@decuac.dec.com

todd@uhccux.UUCP (The Perplexed Wiz) (05/05/87)

Has anyone else had a problem with their /usr/adm/wtmp file like what
I have below?  The output is from a quick and dirty program I wrote
to look at utmp and wtmp files.  As you can see my wtmp file was
getting data ok and then it looks like some garbage got thrown into
it causing an extra field to be inserted between the last "good"
structure field and the next entry into wtmp.

ut_line	ut_host  ut_name	ut_time
-------	-------  -------	-------
 ttyD1             ralph	Fri Apr  3 09:26:20 1987
 ttyB4          cm407s17	Fri Apr  3 09:26:39 1987
 ttyB1                  	Fri Apr  3 09:26:59 1987
 ttyp1                  	Fri Apr  3 09:28:32 1987
 ttyp1   UHCC20     gary	Fri Apr  3 09:28:49 1987
 ttyp1                  	Fri Apr  3 09:30:15 1987	/* good */
    ^B^C                  	Fri Jan  5 02:07:28 1945	/* bad */
^Mt ttyp1                  	Sun Apr 30 21:30:08 1950
^Mt ttyD1                  	Tue Dec 17 18:56:32 2002
^Nt ttyD1                  	Sat Dec 31 20:41:04 2011
^Nt ttyB3                  	Sun Apr 30 10:52:16 2034

The "fix" was to simply do a 'cp /dev/null /usr/adm/wtmp'.  But I'd like
a way to prevent it from happening again.  The problem has happened
about five times in the past five months.

System specifics: VAX 8650 running Ultrix 1.2.

Thanks in advance....todd

-- 
Todd Ogasawara, U. of Hawaii Computing Center
UUCP:		{ihnp4,seismo,ucbvax,dcdwest}!sdcsvax!nosc!uhccux!todd
ARPA:		uhccux!todd@nosc.MIL
INTERNET:	todd@uhccux.UHCC.HAWAII.EDU

grr@cbmvax.cbm.UUCP (George Robbins) (05/05/87)

In article <469@uhccux.UUCP> todd@uhccux.UUCP (The Perplexed Wiz) writes:
>
>Has anyone else had a problem with their /usr/adm/wtmp file like what
>I have below?  The output is from a quick and dirty program I wrote
>to look at utmp and wtmp files.  As you can see my wtmp file was
>getting data ok and then it looks like some garbage got thrown into
>it causing an extra field to be inserted between the last "good"
>structure field and the next entry into wtmp.

>System specifics: VAX 8650 running Ultrix 1.2.

I could have guessed...

This seems to be a frequently encountered Ultrix 1.2 problem.  I think both
utmp and wtmp get corrupted, since occasionally "w" will give bogus results.

My suspicion is that it is caused by "set hosts" from VMS, especially since the
problem here seems to have gone away with everyone now using our LAT terminal
servers or TCP facilities.

I don't know of any solution...  Fred, are you there?

-- 
George Robbins - now working for,	uucp: {ihnp4|seismo|rutgers}!cbmvax!grr
but no way officially representing	arpa: cbmvax!grr@seismo.css.GOV
Commodore, Engineering Department	fone: 215-431-9255 (only by moonli

hurf@batcomputer.tn.cornell.edu (Hurf Sheldon) (05/05/87)

	I have had the same experience, also under Ultrix1.2, but
on a uVaxII - I had allowed my wtmp to get to at least .3meg as I
was working on some accounting routines and I wanted to be able
to have a history to work with. When I went to use it I got similar
output with some network hostnames interspersed. Starting a new file
made it come out properly.
	No fix as yet...
hurf
-- 
     Hurf Sheldon			 Network: hurf@ionvax.tn.cornell.edu
     Lab of Plasma Studies		  Bitnet: hurf@CRNLION
     369 Upson Hall, Cornell University, Ithaca, N.Y. 14853  ph:607 255 7267
     I sold my Elan, got a job in science; Now, no one takes me seriously.

todd@uhccux.UUCP (The Perplexed Wiz) (05/06/87)

In article <1826@cbmvax.cbmvax.cbm.UUCP> grr@cbmvax.UUCP (George Robbins) writes
>This seems to be a frequently encountered Ultrix 1.2 problem.  I think both
>utmp and wtmp get corrupted, since occasionally "w" will give bogus results.
>My suspicion is that it is caused by "set hosts" from VMS, especially since the
>problem here seems to have gone away with everyone now using our LAT terminal
>servers or TCP facilities.

In my case only wtmp was corrupted.  utmp was fine.
As a further potential clue.  We don't have any VMS VAXen connected to mine,
but there is a DEC-20 that several people SET HOST from (DEC-20 --> VAX).

I'll try to arrange a test where several people SET HOST from the DEC-20
to the VAX simultaneously and see if that causes wtmp to become corrupted
again.

Keep those hints coming in!  Appreciate any clues you can offer me..todd

-- 
Todd Ogasawara, U. of Hawaii Computing Center
UUCP:		{ihnp4,seismo,ucbvax,dcdwest}!sdcsvax!nosc!uhccux!todd
ARPA:		uhccux!todd@nosc.MIL
INTERNET:	todd@uhccux.UHCC.HAWAII.EDU

page@ulowell.cs.ulowell.edu (Bob Page) (05/06/87)

I've seen it too - only under Ultrix 1.2 - and only with DECnet-Ultrix.
SET HOST may indeed be the culprit.

..Bob
-- 
Bob Page, U of Lowell CS Dept.   page@ulowell.{uucp,edu,csnet} 

sshurr%wellesley.edu@RELAY.CS.NET (05/07/87)

We also have the wtmp problem on our MicroVax II.  The garbage in the
wtmp file generally appears near an entry for ttyp0, ttyp1 etc. which
is what appears when someone does SET HOST from another system on the
DECNET.  I generally fix it by editing the wtmp file and removing the
3 offending bytes (always ^B ^C 0).  My impression is that these come
from the utmp file entry being copied into wtmp upon logout.  I'm
convinced it has nothing to do with the file system filling up.  I've
called Digital's software hotline about this and they generally have
an excuse such as "we couldn't recreate the problem".  I've been unable
to detect any pattern as to when the problem occurs.

Scott Shurr - Academic Computing   | internet: sshurr@wellesley.edu
Science Center, Wellesley College  | phone: 617-235-0320 X3262
Wellesley, MA 02181                |

howie@cunixc.UUCP (05/08/87)

We have been experiencing the same problem on an 8650 running
Ultrix 1.2 -- It never seemed to happen in 1.1.   We also have people
using the decnet, to set host from DEC-20's.  It's only happened 3 or
4 times in the last year.  We haven't noticed any pattern either.

--------------------------------------------------------------------
Howie Kaye				howie@cunixc.Columbia.EDU
Columbia University 			HKAUS@cuvma (bitnet)          
Systems Group				{?}!seismo!columbia!cucca!howie

george@vax1.ccs.cornell.edu (George R Boyce) (05/08/87)

One question. Has any of you who have reported this problem also
taken the time to submit the SPR to Digital? Sure, I know they
have people reading this list. But they don't submit the SPRs
for you and thus the problem will never make it into the official
queue of things to be fixed. They have committed a lot of resources
to support and develop Ultrix. But to take advantage of it you
have to fill out that silly n-part form... (or use their dial-up
facility). (Oh yes, you also have to give them money every now
and then, but that is true of most companies :-).

phyllis@bcsaic.UUCP (Phyllis Melvin) (05/09/87)

In article <469@uhccux.UUCP> Todd writes:

>....As you can see my wtmp file was getting data ok 
>and then it looks like some garbage got thrown into it 

I've seen the same problem 6 or 8 times. The garbage inserted
is the same (/002/003/020) and it's always between records.  
I was unable to find the cause so I wrote a program to examine 
wtmp and fix such corruptions.  

I'm also using Ultrix 1.2. 
-- 
Phyllis Melvin		uucp:     ...uw-beaver!uw-june!bcsaic!phyllis
(206)865-3210           arpanet:  phyllis@boeing.com
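
Added example, not part of the original thread and not Phyllis Melvin's program: a sketch of the kind of checker described in the two posts above (Scott Shurr removing the three offending bytes by hand, and this one), which walks a wtmp image record by record and drops stray bytes until the stream lines up again. The 36-byte 4.2BSD-style record layout, the plausibility heuristic, the function names and the sample data are all assumptions made for this illustration.

```c
#include <stdint.h>
#include <string.h>

#define REC 36 /* assumed: ut_line[8] ut_name[8] ut_host[16] ut_time (4 bytes, little-endian) */

/* Heuristic check: ut_line set, text fields printable or NUL, time inside the window. */
static int plausible(const unsigned char *r, uint32_t tmin, uint32_t tmax)
{
    uint32_t t = r[32] | (uint32_t)r[33] << 8 | (uint32_t)r[34] << 16 | (uint32_t)r[35] << 24;
    int i;
    if (r[0] == 0 || t < tmin || t > tmax) return 0;
    for (i = 0; i < 32; i++)
        if (r[i] != 0 && (r[i] < 0x20 || r[i] > 0x7e)) return 0;
    return 1;
}

/* Copy plausible records from buf to out (room for len bytes), skipping stray bytes
 * one at a time until records line up again.  Returns the number of bytes dropped;
 * *first_bad gets the offset of the first dropped byte, or -1 if the file was clean. */
long wtmp_resync(const unsigned char *buf, size_t len, unsigned char *out,
                 long *first_bad, uint32_t tmin, uint32_t tmax)
{
    size_t off = 0, kept = 0;
    *first_bad = -1;
    while (off < len) {
        if (off + REC <= len && plausible(buf + off, tmin, tmax)) {
            memcpy(out + kept, buf + off, REC);
            kept += REC; off += REC;
        } else {
            if (*first_bad < 0) *first_bad = (long)off;
            off++;
        }
    }
    return (long)(len - kept);
}

/* Build one constructed record (sample data, not taken from a real wtmp). */
static void put_rec(unsigned char *p, const char *line, const char *name, uint32_t t)
{
    memset(p, 0, REC);
    strncpy((char *)p, line, 8);
    strncpy((char *)p + 8, name, 8);
    p[32] = t & 0xff; p[33] = (t >> 8) & 0xff; p[34] = (t >> 16) & 0xff; p[35] = t >> 24;
}
/* Constructed image: two good records, the stray \002\003\020, one more good record. */
size_t sample_wtmp(unsigned char *p)
{
    put_rec(p, "ttyp1", "gary", 544440529u);
    put_rec(p + REC, "ttyp1", "", 544440615u);
    memcpy(p + 2 * REC, "\002\003\020", 3);
    put_rec(p + 2 * REC + 3, "ttyD1", "", 544441000u);
    return 3 * REC + 3;
}
```

Called on the sample with a time window covering 1987 (536457600 to 567993600), it reports the stray run at offset 72 and leaves three aligned records in `out`.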

todd@uhccux.UUCP (The Perplexed Wiz) (05/10/87)

In article <361@vax1.ccs.cornell.edu> george@vax1.UUCP (George R Boyce) writes:
>One question. Has any of you who have reported this problem also
>taken the time to submit the SPR to Digital? Sure, I know they

Yep....no help from them.  They can't duplicate the problem so they can't
help us solve it.  I must admit, though, that I can't duplicate the
problem either.  It happens now and then leaving no real clues as to
what the cause is....todd

-- 
Todd Ogasawara, U. of Hawaii Computing Center
UUCP:		{ihnp4,seismo,ucbvax,dcdwest}!sdcsvax!nosc!uhccux!todd
ARPA:		uhccux!todd@nosc.MIL
INTERNET:	todd@uhccux.UHCC.HAWAII.EDU

johnsson@decwrl.DEC.COM (Richard Johnsson) (05/11/87)

Several people suggesting that DECnet/Ultrix might be involved was enough of
a hint to get me interested. I happened to have the DECnet/Ultrix sources
lying around so I looked at dlogind.

The dlogind version of rmut (the procedure everyone uses to update utmp and
wtmp) opens wtmp for write, seeks to the end, and then writes, rather than
opening for write+append as other programs (like rlogind) do. If I
understand the comments (from Chris Torek?) about writes crossing blocks,
having the file open for append should fix this problem.

I have reported the problem to the DECnet/Ultrix people (by totally
unofficial means :-). I'm afraid you won't see the fix until sometime after
2.0 since that's already in the can.
-- 
	Richard Johnsson, DEC Western Software Lab, Palo Alto, CA
	UUCP:  {decvax,ucbvax}!decwrl!johnsson
        ARPA:  johnsson@decwrl.dec.com     DEC ENet: sonora::johnsson
	phone: +1 415 853 6676
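
Added example, not part of the original thread and not the DECnet/Ultrix source: a deterministic demonstration of why the seek-to-end-then-write pattern described above is unsafe for a shared log while O_APPEND is not. Two descriptors stand in for two daemons, the interleaving is forced rather than raced, and the record size, function name and file name are assumptions. It shows a lost record, not the specific three-byte garbage reported in the thread.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define REC 36 /* assumed fixed record size; any fixed size shows the same effect */

/*
 * Two daemons each log one record to the same file.  The interleaving is
 * forced: both locate end-of-file before either writes, as can happen when
 * two sessions end together.  Returns the record count afterwards, or -1.
 */
long log_two_records(const char *path, int use_append)
{
    char a[REC], b[REC];
    struct stat st;
    int flags = O_WRONLY | (use_append ? O_APPEND : 0);
    int fd_a, fd_b, ok;

    fd_a = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644); /* start empty */
    if (fd_a < 0) return -1;
    close(fd_a);
    memset(a, 'A', REC);
    memset(b, 'B', REC);

    fd_a = open(path, flags);
    fd_b = open(path, flags);
    if (fd_a < 0 || fd_b < 0) return -1;
    if (!use_append) {                 /* seek-then-write, the pattern described for dlogind */
        lseek(fd_a, 0, SEEK_END);      /* A sees end-of-file at offset 0 */
        lseek(fd_b, 0, SEEK_END);      /* B sees the same offset */
    }
    ok = write(fd_a, a, REC) == REC;   /* with O_APPEND the kernel picks the offset */
    ok = write(fd_b, b, REC) == REC && ok; /* without it, B lands on top of A */
    close(fd_a);
    close(fd_b);
    if (!ok || stat(path, &st) < 0) return -1;
    return (long)(st.st_size / REC);
}

int main(void)
{
    printf("seek+write: %ld record(s)\n", log_two_records("wtmp_demo.tmp", 0));
    printf("O_APPEND:   %ld record(s)\n", log_two_records("wtmp_demo.tmp", 1));
    unlink("wtmp_demo.tmp");
    return 0;
}
```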

grr@cbmvax.cbm.UUCP (George Robbins) (05/14/87)

In article <9799@decwrl.DEC.COM> johnsson@decwrl.dec.com writes:
> Several people suggesting that DECnet/Ultrix might be involved was enough of
> a hint to get me interested...
> 
> I have reported the problem to the DECnet/Ultrix people (by totally
> unofficial means :-). I'm afraid you won't see the fix until sometime after
> 2.0 since that's already in the can.
>
> 	Richard Johnsson, DEC Western Software Lab, Palo Alto, CA

Well, I'd like to say thanks to Richard for taking the initiative on this.
It sounds like it shouldn't be too hard to fix with a little adb action,
but my first efforts have been frustrated by the object file being stripped.
Some nice quiet day soon... 8-)

-- 
George Robbins - now working for,	uucp: {ihnp4|seismo|rutgers}!cbmvax!grr
but no way officially representing	arpa: cbmvax!grr@seismo.css.GOV
Commodore, Engineering Department	fone: 215-431-9255 (only by moonlite)