On Fri, 2005-05-06 at 19:45 +0000, Chad Sine wrote:
> Hello my fellow sluggers,
>
> I found the / partition had filled on one of my routers.
>
> Filesystem Size Used Avail Use% Mounted on
> /dev/hda2 2.7G 2.7G 0K 100% /
> none 31M 0 31M 0% /dev/shm
>
> The /var/log/wtmp file had grown to 1.6G. I deleted it, and touched a new
> wtmp. The new one has grown to 1M in just under an hour. My log fills with
> these entries from c{1-6}.
>
> Utmp dump of wtmp
> [6] [01012] [c5 ] [LOGIN ] [tty5 ] [ ] [0.0.0.0
> ] [Tue Apr 05 12:32:06 2005 EDT]
> [8] [01002] [c6 ] [ ] [tty6 ] [2.4.22-gentoo-r7 ] [0.0.0.0
> ] [Tue Apr 05 12:32:06 2005 EDT]
> [5] [01014] [c6 ] [ ] [ ] [2.4.22-gentoo-r7 ] [0.0.0.0
> ] [Tue Apr 05 12:32:06 2005 EDT]
> [6] [01014] [c6 ] [LOGIN ] [tty6 ] [ ] [0.0.0.0
> ] [Tue Apr 05 12:32:06 2005 EDT]
> [8] [01004] [c1 ] [ ] [tty1 ] [2.4.22-gentoo-r7 ] [0.0.0.0
> ] [Tue Apr 05 12:32:15 2005 EDT]
> [8] [01006] [c2 ] [ ] [tty2 ] [2.4.22-gentoo-r7 ] [0.0.0.0
> ] [Tue Apr 05 12:32:15 2005 EDT]
> [8] [01008] [c3 ] [ ] [tty3 ] [2.4.22-gentoo-r7 ] [0.0.0.0
> ] [Tue Apr 05 12:32:16 2005 EDT]
> [8] [01010] [c4 ] [ ] [tty4 ] [2.4.22-gentoo-r7 ] [0.0.0.0
> ] [Tue Apr 05 12:32:16 2005 EDT]
> [8] [01012] [c5 ] [ ] [tty5 ] [2.4.22-gentoo-r7 ] [0.0.0.0
> ] [Tue Apr 05 12:32:16 2005 EDT]
> [8] [01014] [c6 ] [ ] [tty6 ] [2.4.22-gentoo-r7 ] [0.0.0.0
> ] [Tue Apr 05 12:32:16 2005 EDT]
>
> Any Ideas?
>
> Chad Sine
>
>
man wtmp shows a lot..... the second column of your dump shows the
process ID.....have you done a ps to see what 1012 and 1014 (probably
different by now) are??
Mike Branda Jr.
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:41:11 EDT