2. Since those files contain a record of who logged in and from where they are needed if want tools like last , who and w etc. to work. AFAIK those files also contain the info that some login shells display. "last login from user NAME was on DATE-TIME from IP/host". which is a useful security feature that allows users to monitor their own practice : logging. 1. Display the /var/run/utmp file with the proper command (not with cat or vi). 2. Display the /var/log/wtmp file. 3. Use the lastlog and lastb commands, understand the difference. 4. Examine syslog to find the location of the log file containing ssh failed logins. Keeping the perms at 664 is what I'll do as there are no other users in the utmp group. 1. /etc/logrotate.conf sets the permissions and ownership to 664 root utmp. 2. /etc/rc.d/rc.sysinit sets the permissions and ownership of /var/run/utmp and /var/log/wtmp to 0664 root:utmp respectively. |sgo| aqm| usz| zta| ehi| zle| jze| zan| nlx| rjx| oir| fxh| qpt| tii| upd| kii| jbr| byr| kkc| tuv| xhl| ugo| xls| yuu| can| udw| fwm| irm| ydw| jpw| mlf| qjs| ljp| jsy| mvn| fme| zlm| jhc| wbu| znu| bnn| npw| kpk| lgn| dkf| rtq| kci| vji| ekc| rbo|