Disabling wtmp in openbmc
geissonator at gmail.com
Wed Nov 1 13:12:24 AEDT 2017
I noticed our automation systems were having some very large
/var/log/wtmp files. This is a file that keeps track of all logins to
the system. It's really only useful if you have the 'last' tool
installed (although we could copy it off and post-process later).
Looks like normally we'd install logrotate to ensure it's rotated
properly but my vote is we just disable it. We'll still have
/var/log/lastlog for some tracking history if needed.
Something that takes up persistent storage, and can grown unbounded is
a bit worrisome in an embedded system.
I really don't have much experience in this area so any thoughts or
ideas are appreciated. I've been doing some research and there
doesn't actually seem to be a great way to disable wtmp. Some
indications are that with Linux, just deleting it is a bad idea. Some
people point to removing it and then making a link to /dev/null. I've
got a few trial commits out there but no silver bullet yet.
https://gerrit.openbmc-project.xyz/#/c/7683/ (I think this is how we
would remove it?)
https://gerrit.openbmc-project.xyz/#/c/7725/ (I assumed dropbear was
doing all the logging but even with this the file still grew on ssh
More information about the openbmc