How to disable recording of ftp sessions in login log file on Solaris 10 & HP-UX 11.23/11.31

FTP server processes of most UNIX systems records user login and logout events in the login log file (wtmpx/wtmps). These files keep track of all login/logout events and typically grow without bounds.

If your systems are receiving large number of ftp connections than ftp records dominates the log files and makes it difficult to track shell logins via last command and other utilities. Also the size of the wtmpx/wtmps files will grow huge and take a lot of disk space.

Thankfully ftpd command on Solaris 10 and HP-UX 11.23/11.31 systems has a command line switch that disables recording of ftp login/logout sessions. You must add the “-W” on the command line while starting the ftpd process.

To achieve this:

Solaris 10

You can use the inetadm command to configure inetd-controlled services on Solaris 10 systems.

Issue the following inetadm command to append “-W” to the command line of the svc:/network/ftp:default service. You must refresh the service definition using the svcadm command to make the change take effect.

inetadm -m svc:/network/ftp:default exec="/usr/sbin/in.ftpd -a -W"
svcadm refresh svc:/network/ftp:default

HP-UX 11.23/11.31

inetd configuration is done using the good old inetd.conf file on HP-UX systems.
You can edit the /etc/inetd.conf file and append the “-W” at the end of the ftp line.
You must run the inetd -c command to make the inetd deamon to reload the configuration and make your changes take effect.

vi /etc/inetd.conf
ftp          stream tcp6 nowait root /usr/lbin/ftpd     ftpd -l -W
inetd -c

%d bloggers like this: