дамп файлов UTMP и WTMP в необработанном формате (dump UTMP and WTMP files in raw format)
Имя (Name)
utmpdump - dump UTMP and WTMP files in raw format
Синопсис (Synopsis)
utmpdump [options] filename
Описание (Description)
utmpdump is a simple program to dump UTMP and WTMP files in raw
format, so they can be examined. utmpdump reads from stdin unless
a filename is passed.
Параметры (Options)
-f, --follow
Output appended data as the file grows.
-o, --output file
Write command output to file instead of standard output.
-r, --reverse
Undump, write back edited login information into the utmp or
wtmp files.
-V, --version
Display version information and exit.
-h, --help
Display help text and exit.
Примечание (Note)
utmpdump can be useful in cases of corrupted utmp or wtmp
entries. It can dump out utmp/wtmp to an ASCII file, which can
then be edited to remove bogus entries, and reintegrated using:
utmpdump -r < ascii_file > wtmp
But be warned, utmpdump was written for debugging purposes only.
File formats
Only the binary version of the utmp(5) is standardised. Textual
dumps may become incompatible in future.
The version 2.28 was the last one that printed text output using
ctime(3) timestamp format. Newer dumps use millisecond precision
ISO-8601 timestamp format in UTC-0 timezone. Conversion from
former timestamp format can be made to binary, although attempt
to do so can lead the timestamps to drift amount of timezone
offset.
Ошибки (баги) (Bugs)
You may not use the -r option, as the format for the utmp/wtmp
files strongly depends on the input format. This tool was not
written for normal use, but for debugging only.
