Como exibir corretamente o conteúdo dos arquivos utmp, wtmp e btmp?

Question

Como exibir corretamente o conteúdo dos arquivos utmp, wtmp e btmp?

#1 resposta do Kevin Bowen (3 votos)

3

Como posso exibir o /var/run/utmp , /var/log/wtmp , /var/log/btmp usando cat. Enquanto eu estou tentando exibi-los, eu estou recebendo alguns outros personagens também. Aqui está a saída que recebo ao tentar ler os arquivos:

jai@frank-Jai:~$ cat /var/run/utmp
~~~reboot3.8.0-26-genericf�Q%p  2~~~runlevel3.8.0-26-genericf�Q
�   �tty44LOGIN�f�Q�tty55LOGIN�f�Q�tty22LOGIN�f�Q�tty33LOGIN�f�Q�tty66LOGIN�f�Q�tty11LOGIN�k�Qtty7:0jai:0y�Q
                                                       ��pts/0/0jai:0.0�{�QFQjai@frank-Jai:~$ cat /var/log/wtmp
~~~reboot3.8.0-19-generic��Q�b
2~~~runlevel3.8.0-19-generic��Q�c
*tty44LOGIN*��Q0tty55LOGIN0��Q:tty22LOGIN:��Q;tty33LOGIN;��Q=tty66LOGIN=��Q"tty11LOGIN"��Q�pts/1/1jai:0.0��Q�D       pts/1/1jai��Q���   pts/1/1jai:0.0t��Q��    pts/2/2jai:0.0���Q
�   pts/3/3jai:0.0'��Qpts/3/3jaib��Qpts/1/1jai"��Q
                                                        pts/2/2jai"��Q62~~~ru*tty44*;��Q�0tty550;��Q�:tty22:;��Q�;tty33;;��QM=tty66=;��Q�
                                                                       "tty11";��Ql,~~~shutdown3.8.0-19-genericH��Qz�~~~reboot3.8.0-26-generic���Q-�2~~~runlevel3.8.0-26-generic���Q�ctty44LOGINc���Qjtty55LOGINj���Qutty22LOGINu���Qvtty33LOGINv���Qytty66LOGINy���Q?tty11LOGIN?���Q02~~~runlevel3.8.0-26-generic���Q.
                 ctty44c���Qjtty55j���Qutty22u���Qvtty33v���Qytty66y���Q?tty11?���Q�~~~shutdown3.8.0-26-generic���Q�~~~reboot3.8.0-26-genericʩ�stty44LOGINsʩ�Qztty55LOGINzʩ�Q�tty22LOGIN�˩�Qtty33LOGIN˩�Q�tty66LOGIN�˩�QCtty11LOGINC˩�Qpts/0/0jai:0.0B��Qp�
                                            pts/1/1jai:0.0��QOpts/1/1jai��Q(C
                                                                             ptspts/1/1jai��Q"pts/0/0jai;�Q�
stty44s�A�Q��ztty55z�A�Q��i�tty22��A�Q��ntty33�A�QZ�26-ge�tty66��A�Qmn
Ctty11C�A�Qz
~~~shutdown3.8.0-26-generic�A�Q
                                �~~~reboot3.8.0-26-generic e�Q�2~~~runlevel3.8.0-26-generic e�Q�iMtty44LOGINM e�QStty55LOGINS e�Q]tty22LOGIN] e�Q^tty33LOGIN^ e�Q'tty66LOGIN' e�Q�tty11LOGIN�#e�QL
pts/0/0jai:0.0l�Q�#
pts/0/0jai:0.0:t�Q#;pts/0/0jai߂�QO|02~~~runlevel3.8.0-26-generic߂�Qu�Mtty44M߂�QStty55S߂�Q]tty22]߂�Q^tty33^߂�Q'tty66'߂�Q�    �tty11�߂�Q�D    ~~~shutdown3.8.0-26-generic���Q
                        ~~~reboot3.8.0-26-generic���Q�2~~~runlevel3.8.0-26-generic���Q[�ktty44LOGINk���Qqtty55LOGINq���Q{tty22LOGIN{���Q|tty33LOpts/2/2jaiL��Q��62~~~runlevel3.8.0-26-genericL��Q��ktty44kL��Qqtty55qL��Q{tty22{L��QY   |tty33|L��Q@
                               �tty66�L��Q� �tty11�L��Q�M   ~~~shutdown3.8.utty44LOGINuW��Q}tty55LOGIN}W��Qtty22LOGINW��Q�tty33LOGIN�W��Q�tty66pts/0/0jai:0.0���Qpts/0/0jaiv��Ql�02~~~runlevel3.8.0-26-genericv��Q�butty44uv��Q1
    }tty55}v��Q4
                tty22v��Q*

                         �tty33�v��Q&
                                      �tty66�v��Q3
                                                    �tty11�v��Q�
                                                                   ~~~shutdown3.8.0-26-generic���QN%~~~reboot3.8.0-26-generic���Q
y2~~~runlevel3.8.0-26-generic���Q��tty44LOGIN���Q�tty55LOGIN����Q�tty22LOGIN����Q�tty33LOGIN����Q�tty66LOGIN����Q�tty11LOGIN����Q02~~~runleveltty44]��Q��tty55�]��Q��tty22�]��Q��tty33�]��Q��tty66�]��QE�tty11�]��Q��~~~shutdown3.8.0-26-genericj��Q�Q~~~reboot3.8.0-26-genericC��QQ�
                                                                    2~~~runleveltty44LOGINlC��Qptty55LOGINpC��Qvtty22LOGINvC��Qwtty33LOGINwD��Qytty66LOGINyD��Q�tty11LOGIN�E��Q62~~~runlevel3.8.0-26-generice��Qltty44lf��Q
)ptty55pf��Q4vtty22vf��Q�7wtty33wf��Q�=ytty66yf��Q�B�tty11�f��Q�^~~~shutdown3.8.0-26-generics��Q
~~~reboot3.8.0-26-genericZ?�Qغ2~~~runlevel3.8.0-26-genericZ?�Q��tty44LOGINZ?�Q�tty55LOGIN�Z?�Q�tty22LOGIN�Z?�Q�tty33LOGIN�Z?�Q�tty66LOGIN�Z?�Q�tty11LOGIN�[?�Q62~~~runlevel3.8.0-26-generich?�QCtty44h?�Q �tty55�h?�Qm�tty22�h?�Q9�tty33�h?�Q��tty66�h?�Q�tty11�h?�Q��~~~shutdown3.8.0-26-generick?�Q5~~~reboot3.8.0-26-generic��Q�>2~~~runlevel3.8.0-26-generic��Q�4utty44LOGINu��Q{tty55LOGIN{��Q�tty22LOGIN���Q�tty33LOGIN���Q�tty66LOGIN���Q�tty11LOGIN���Q02~~~runlevel3.8.0-26-generic���Q�utty44u���Q�{tty55{���Q��tty22����Q�tty33����Q��tty66����Q�tty11����Q"~~~shutdown3.8.0-26-generic���Q(
                   ~~~reboot3.8.0-26-generic���Q=2~~~runlevel3.8.0-26-generic���Q�;etty44LOGINe���Qjtty55LOGINj���Qttty22LOGINt���Qztty33LOGINz���Q�tty66LOGIN����Q�tty11LOGIN����Q�pts/0/0jai:0.0[j�QE5
                                                            pts/0/0jai�m�Q�pts/0/0jai:0.0�m�Q�pts/0/0jain�Q��62~~~runlevel3.8.0-26-generic0n�Q��etty44e0n�Qjtty55j0n�Q�       ttty22t0n�Q
                                    �  ztty33z0n�Q'� �tty66�0n�Q@� �tty11�0n�Qu�    ~~~shutdown3.8.0-26-generic>n�Q��~~~reboot3.8.0-26-generic�+�Q�S2~~~runlevel3.8.0-26-generic�+�Q�{tty44LOGIN{�+�Q�tty55LOGIN��+�Q�tty22LOGIN��+�Q�tty33LOGIN��+�Q�tty66LOGIN��+�Q�tty11LOGIN��+�Qk  pts/0/0jai:0.0<,�Qpts/0/0jaih��Qv�
                  62~~~runlevel3.8.0-26-generic��Q?�{tty44{��QT
�tty55���Q@U
              �tty22���QPW
                            �tty33���QIY
                                          �tty66���QV[
                                                        �tty11���Q�j
                                                                       ~~~shutdown3.8.0-26-generic�Q~~~reboot3.8.0-26-generic�_�Q��2~~~runlevel3.8.0-26-generic�_�Q9bhtty44LOGINh�_�Qltty55LOGINl�_�Qtty22LOGIN�_�Q�tty33LOGIN��_�Q�tty66LOGIN��_�Q�tty11LOGIN��_�Q02~~~runlevel3.8.0-26-generic�_�Q@htty44h�_�Q�ltty55l�_�QJtty22�_�Q+�tty33��_�Q��tty66��_�Q��tty11��_Y~~~shutdown3.8.0-26-generic�_�Qc�~~~reboot3.8.0-26-generic���Q�D2~~~runlevel3.8.0-26-generic���Q7yktty44LOGINk���Qstty55LOGINs���Q�tty22LOGIN����Q�tty33LOGIN����Q�tty66LOGIN����Q�tty11LOGIN����QG
                                                            pts/0/0jai:0.0�-�Q��ktty44k&D�Q�stty55s&D�Q��tty22�&D�Q��tty33�&D�Q<�tty66�&D�Q4�tty11�&D�Q'e~~~shutdown3.8.0-26-generic)D�Q�m
~~~reboot3.8.0-26-generic�Q&�2~~~runlevel3.8.0-26-generic�Q�4ktty44LOGINk�Qptty55LOGINp�Q{tty22LOGIN{�Q|tty33LOGIN|�Q~tty66LOGIN~�Q�tty11LOGIN��h�Q02~~~runlevel3.8.0-26-generic�k�Q�1
                                            ktty44k�k�Q�ptty55p�k�Q�{tty22{�k�Q�|tty33|�k�Q~tty66~�k�Q�tty11��k�Q�~~~shutdown3.8.0-26-generic�k�Q�~~~reboot3.8.0-26-generic���Q|2~~~runlevel3.8.0-26-generic���Q3�tty44LOGIN����Qtty55LOGIN���Q�tty22LOGIN����Q�tty33LOGIN����Q�tty66LOGIN����Q�tty11LOGIN����Qo
�tty44����Qtty55����tty22����Q��tty33����Q��tty66����Q��tty11����Q��~~~shutdown3.8.0-26-generic���Qm�
                                 ~~~reboot3.8.0-26-generic�Q�2~~~runlevel3.8.0-26-generic�Q*�ptty44LOGINp�Qvtty55LOGINv�Q�tty22LOGIN��Q�tty33LOG�tty44LOGIN�Qv�Q�tty55LOGIN�Qv�Q�tty22LOGIN�Qv�Q�tty33LOGIN�Qv�Q�t0#pts/4/4jai:0.0��Qt'�)pts/1/1root:0.0%��Qpts/1/1root~��Q'1pts/4/4jai���Q�02�tty44�i��Q?��tty55�i��Q�tty22�i��Q�tty33�i��Q�tty66�i��Q�tty11�i��Q~~~shutdown3.8.0-26-genericy��Q��~~~reboot3.8.0-26-generic���Q<2~~~runlevel3.8.0-26-generic���Q�Yotty44LOGINo���Qttty55LOGINt���Qztty22LOGINz���Q{tty33LOGIN{���Qtty66LOGIN���Q�tty11LOGIN����Q�
                                                          pts/0/0jai:0.0P(�QDhpts/0/0jaiN*�Q��
              02~~~runlevel3.8.0-26-generic7>�Q֯
                                               otty44o8>�Q�ttty55t8>�Q�ztty22z8>�Q�{tty33{8>�Q5tty668>�Q7�tty11�8>�Qk�~~~shutdown3.8.0-26-genericG>�Q�F~~~reboot3.8.0-26-generic���QZ<2~~~runlevel3.8.0-26-generic���Q�%Ptty44LOGINP���QTtty55LOGINT���QZtty22LOGINZ���Q[tty33LOGIN[���Q^tty66~~~shutdown3.8.0-26-generic��Q��~~~reboot3.8.0-26-generict��Q(sy44P��Q�%
2~~~runlevel3.8.0-26-generict��Q�3
                                   Ptty44LOGINPt��QTtty55LOGINTt��QZtty22LOGINZt��Q[tty33LOGIN[t��Q^tty66LOGIN^t��Q�tty11LOGIN�v��Q�pts/0/0jai:0.0���Qb�pts/1/1jai:0.0���Q��pts/0/0jai���Q��pts/1/1jai���Q�02~~~runlevel3.8.0-26-genericU��Q$:
                Ptty44PV��QTtty55TV��Q�Ztty22ZV��Q[tty33[V��^tty66^V��Q�tty11�V��Q��~~~shutdown3.8.0-26-generice��Q�&~~~reboot3.8.0-26-genericX �Q2~~~runlevel3.8.0-26-genericX �Qf�Ytty44LOGINYX   �Q]tty55LOGIN]X �Qctty22LOGINcX �Qetty33LOGINeX �Qitty66LOGINiX �Q�tty11LOGIN�Y �Qpts/0/0jai:0.0�
�QlU                                             �Q@�pts/1/1jai:0.0
   pts/1/1jaii�Q�L    pts/0/0jaik�Q��n(pts/0/0jai:0.0��Qpts/0/0jai�#�QB02~Ytty44Y�k�Q�(]tty55]�k�Q|1ctty22c�k�Q�Setty33e�k�Q�Witty66i�k�Q�[�tty11��k�Q7�~~~shutdown3.8.0-26-generic�k�QL�~~~reboot3.8.0-26-generic��QMG
2~~~runlevel3.8.0-26-generic��Q�
�tty44LOGIN���Q�tty55LOGIN���Q�tty22LOGIN���Q�tty33LOGIN���Q�tty66LOGIN���QEtty11LOGINE��Q� pts/1/1jai:0.0���Q�h   pts/1/1jaiW��Q.
                                                                              �tty55�^��Q�tty22�^��Q�tty33�^��Q�tty66�^��QEtty11E^��Q�~~~shutdown3.8.0-26-genericr��Q�t~~~reboot3.8.0-26-generic��Q!Q
2~~~runlevel3.8.0-26-generic��Qy
rtty44LOGINr��Qvtty55LOGINv��Q|tty22LOGIN|��Q}tty33LOGIN}��Q�tty66LOGIN���Qxtty11LOGINx��Q� pts/1/1jai:0.0�Q��  pts/2/2jai:0.0O&�QiO
    �   pts/3/3jai:0.0�'�Q~pts/2/2jai�,�Q/pts/3/3jai�,�Q��pts/1/1jai2�Qʸ%pts/�/2jai:0.0O;�Q͵pts/2/2jail<�Q
 7pts/2/2jai:0.0�P�Q(w
                      7pts/4/4jai:0.0�Q�Q'�
                                          pts/2/2jai�[�Qpts/4/4jai�[�Q�i02~~~runlevel3.8.0-26-generic�]�Q�rtty44r�]�Q�
vtty55v�]�Q��
|tty22|�]�Qպ
}tty33}�]�Q9�
�tty66��]�Q��
xtty11x�]�Q�
~~~shutdown3.8.0-26-generic�]�Q��~~~reboot3.8.0-26-generic^�Q|� 2~~~runlevel3.8.0-26-generic^�Q��   �tty44LOGIN�^�Q�tty55LOGIN�^�Q�tty22LOGIN�^�Q�tty33LOGIN�^�Q�tty66LOGIN�^�Q�tty11LOGIN�^�Q  
                                                                pts/1/1jai:0.0�b�Qpts/1/1jai�c�Q΋
62~~~runlevel3.8.0-26-generic�c�Q��tty44��c�Q5�tty55��c�Q��tty22��c�Q��tty33��c�Q��tty66��c�Q�tty11��c�Q##~~~shutdown3.8.0-26-generic
                                                                   d�Q�~~~reboot3.8.0-26-genericI}�Q�
2~~~runlevel3.8.0-26-genericI}�Q5<
                                   �tty44LOGIN�I}�Q�tty55LOGIN�I}�Q�tty22LOGIN�I}�Q�tty33LOGIN�I}�Q�tty66LOGIN�I}�Q�tty11LOGIN�P}�Q~~~reboot3.8.0-26-generic1��Q�2~~~runlevel3.8.0-26-generic1��Q6�tty44LOGIN�1��Q�tty55LOGIN�1��Q�tty22LOGIN�1��Q�tty33LOGIN�1��Q�tty66LOGIN�1��Qtty11LOGIN6��QLpts/1/1jai:0.05*�Q��
                      pts/1/1jai�+�Q1m&pts/0/0jai:0.0�4�pts/0/0jai�5�Q��02~~~runlevel3.8.0-26-generic=�Qq#�tty44�=�Q�.
                                          �tty55�=�Q�1
                                                       �tty22�=�QD4
                                                                    �tty33�=�Q�6
 �tty66�=�9
            tty11=�Q$F
                      ~~~shutdown3.8.0-26-generic=�Q��~~~shutdown3.8.0-26-generic=�Q�%~~~reboot3.8.0-26-generic}��Q)|   2~~~runlevel3.8.0-26-generic}��Q4D
�tty44LOGIN�}��Q�tty55LOGIN�}��Q�tty22LOGIN�}��Q�tty33LOGIN�}��Q�tty66LOGIN�}��Qtty11LOGIN���Q� pts/1/1jai:0.0V��Qpts/1/1jai6��QT�~~~reboot3.8.0-26-generic=��Q2~~~runlevel3.8.0-26-generic=��Q:P   �tty44LOGIN�=��Q�tty55LOGIN�=��Qtty22LOGIN=��Qtty33LOGIN=��Q�tty66LOGIN�=��Q�tty11LOGIN�C��Q02~~~runlevel3.8.0-26-generic���Q��tty44����Q�tty55����Q>tty22���Qtty33���Q~~~shutdown3.8.0-26-generic���Ql�~~~reboot3.8.0-26-genericf�Q%p  2~~~runlevel3.8.0-26-genericf�Q
�   �tty44LOGIN�f�Q�tty55LOGIN�f�Q�tty22LOGIN�f�Q�tty33LOGIN�f�Q�tty66LOGIN�f�Q�tty11LOGIN�k�Q�pts/0/0jai:0.0�{�QFQjai@frank-Jai:~$ 



jai@frank-Jai:~$ sudo cat /var/log/btmp

por rɑːdʒɑ 28.07.2013 / 04:22

1 resposta

Desinstalado Python 3.3 Usuário chamado backup1… para que serve? como saber se não está comprometido?

score 3 · Accepted Answer

Todos os três arquivos que você deseja ler estão em formato binário. Eles não são arquivos de texto simples e não podem ser lidos com um editor de texto ou usando o comando cat .

O arquivo /var/log/btmp registra tentativas de login com falha.
O arquivo /var/run/utmp permite descobrir informações sobre quem está usando atualmente o sistema. Este arquivo conterá informações sobre os logins de usuários: em quais terminais, logout, eventos do sistema e status atual do sistema, tempo de inicialização do sistema (usado pelo tempo de atividade), etc.
O arquivo /var/log/wtmp fornece um registro histórico de dados utmp.

Você pode usar o comando last para ler cada um deles.

Por exemplo:

sudo last /var/log/btmp' (note: needs to be run using sudo)

johndoe@computer:~$ last -f /var/run/utmp
 johndoe   tty7                          Fri Jul 26 17:58   still logged in   
 reboot   system boot  3.5.0-37-generic Fri Jul 26 17:57 - 20:10 (1+02:13)  

johndoe@computer::~$ last -f /var/log/wtmp
 reboot   system boot  3.5.0-37-generic Fri Jul 26 17:57 - 20:16 (1+02:19)   
 johndoe   pts/2        :0               Fri Jul 26 17:52 - 17:55  (00:03)    
 johndoe   pts/5        :0               Fri Jul 26 12:00 - 17:55  (05:55)    
 johndoe   pts/0        :0.0             Fri Jul 26 07:11 - 11:58  (04:46)
 <snip>...

Para mais informações, consulte: Data de exibição do Linux e hora de login e as páginas man do comando "last" .