Clean the wtmp file

Here is a script that removes the oldest entries in the /var/adm/wtmp file, but keeps a reasonable history:

#!/bin/sh

/usr/sbin/acct/fwtmp < /var/adm/wtmp | tail -25000 > /tmp/wtmp.ascii.new
if [ "$?" != 0 ]
then
        echo "$0" "Error extracting wtmp file"
        exit
fi

/usr/sbin/acct/fwtmp -ic < /tmp/wtmp.ascii.new > /var/adm/wtmp
if [ "$?" != 0 ]
then
        echo "$0" "Error recompressing wtmp file"
        exit
else

rm /tmp/wtmp.ascii.new

fi

This could be done on in a one-liner, but this gives a little more feedback if it fails, which I’ve never actually seen.

Leave a Reply

Your email address will not be published. Required fields are marked *

*
*