ghost user processes
Francois Normant
fn at fractal.math.yale.edu
Sat Jun 22 07:27:51 AEST 1991
In article <1991Jun21.200251.9745 at uokmax.ecn.uoknor.edu> stsiegem at uokmax.ecn.uoknor.edu (Stephan Siegemund-Broka) writes:
>Does anyone out there know a fix for the corrupted utmp database?
>It seems that rlogin sessions when they exit don't properly zero out
>the data base in utmp and so finger or w report ghost sessions that
>aren't really there (they don't show up in ps for example).
>Thanks.
Here is a daemon posted on this newsgroup a few month ago by
John F. Haugh II | Distribution to | UUCP: ...!cs.utexas.edu!rpp386!jfh
Ma Bell: (512) 832-8832 | GEnie PROHIBITED :-) | Domain: jfh at rpp386.cactus.org
In article <1991Mar25.164317.9775 at rs6000.cmp.ilstu.edu> dbeedle at rs6000.cmp.ilstu.edu (Dave Beedle) writes:
> Hi all. I've got a strange problem going on with AIX 3003. When I do
>a who or an Finger I see one user (not the same all the time) who appears
>to have been logged on for 26 (or more) days. The user is not currently
>logged on and has no processes running. What is going on? We recently
>installed xwindows, pcsim, AIX access, and a compiler or two.
I've mentioned this several times, so here is the source code. This code
is being provided without warrantee (or even a copyright notice). Use it
at your own risk.
Compile this program with "cc -o /etc/utmpd utmpd.c" and run in the background
with "nohup /etc/utmpd < /dev/null > /dev/null 2>&1 &" from your /etc/rc file.
I use it on this system to clean up utmp file entries left over from various
programs that create sessions on pty devices.
DISCLAIMER: I speak for myself only. My employers are not responsible for
what I post here and will not provide support for this code or anything it
may do to your system. Use at your own risk.
--
---- begin utmpd.c ----
#include <sys/types.h>
#include <utmp.h>
#include <fcntl.h>
main ()
{
int fd;
struct utmp utmp;
while (1) {
if ((fd = open ("/etc/utmp", O_RDWR)) < 0)
exit (1);
while (read (fd, &utmp, sizeof utmp) == sizeof utmp) {
if (utmp.ut_type == USER_PROCESS &&
kill (utmp.ut_pid, 0) != 0) {
lseek (fd, - (long) sizeof utmp, 1);
utmp.ut_type = DEAD_PROCESS;
write (fd, &utmp, sizeof utmp);
}
}
close (fd);
}
close (fd);
sleep (60);
}
}
---- end utmpd.c ----
and adapted by
David Crow (512) 823-4834 IBM VNET: dlcrow at austin
AIX Systems Graphics Development Internet: crow at waterloo.austin.ibm.com
This is the code that John Haugh posted to clean out the utmp file.
I have changed it a little bit since he posted it, so it is not exactly
the same. I think that the only thing that I did was take out a while
loop that encompassed the entire program and made it more like a daemon.
As John says in the comment, this is public domain. This is NOT an
official program from IBM.
/*
* this code is in the public domain. do with it as you
* please. - jfh. 12/19/90
*/
#include <sys/types.h>
#include <utmp.h>
#include <fcntl.h>
main ()
{
int fd;
struct utmp utmp;
if ((fd = open ("/etc/utmp", O_RDWR)) < 0) {
printf("Could not open /etc/utmp\n");
exit (1);
}
while (read (fd, &utmp, sizeof utmp) == sizeof utmp) {
if (utmp.ut_type != DEAD_PROCESS && kill (utmp.ut_pid, 0) != 0) {
lseek (fd, - (long) sizeof utmp, 1);
utmp.ut_type = DEAD_PROCESS;
if ( write (fd, &utmp, sizeof utmp) != sizeof utmp ) {
close(fd);
printf("Could not write to /etc/utmp\n");
exit(1);
}
}
}
close (fd);
}
--
Francois Normant - fn at math.yale.edu
Yale University - Mathematics Department
Box 2155 - Yale Station
New Haven CT 06520
More information about the Comp.unix.aix
mailing list