Disabling wtmp in openbmc

Andrew Geissler geissonator at gmail.com
Wed Nov 1 13:12:24 AEDT 2017

I  noticed our automation systems were having some very large
/var/log/wtmp files.  This is a file that keeps track of all logins to
the system.  It's really only useful if you have the 'last' tool
installed (although we could copy it off and post-process later).

Looks like normally we'd install logrotate to ensure it's rotated
properly but my vote is we just disable it.  We'll still have
/var/log/lastlog for some tracking history if needed.

Something that takes up persistent storage, and can grown unbounded is
a bit worrisome in an embedded system.

I really don't have much experience in this area so any thoughts or
ideas are appreciated.  I've been doing some research and there
doesn't actually seem to be a great way to disable wtmp.  Some
indications are that with Linux, just deleting it is a bad idea.  Some
people point to removing it and then making a link to /dev/null.  I've
got a few trial commits out there but no silver bullet yet.

https://gerrit.openbmc-project.xyz/#/c/7683/ (I think this is how we
would remove it?)

https://gerrit.openbmc-project.xyz/#/c/7725/ (I assumed dropbear was
doing all the logging but even with this the file still grew on ssh


More information about the openbmc mailing list