Bash History: Display Date And Time For Each Command

How do I display shell command history with date and time under UNIX or Linux operating systems?

If the HISTTIMEFORMAT is set, the time stamp information associated with each history entry is written to the history file, marked with the history comment character. Defining the environment variable as follows:
$ HISTTIMEFORMAT="%d/%m/%y %T "
OR
$ echo 'export HISTTIMEFORMAT="%d/%m/%y %T "' >> ~/.bash_profile

 

Where,
%d – Day
%m – Month
%y – Year
%T – Time

Now logout and check with “history” command.

Advertisements

View utmp, wtmp and btmp files

In Linux/Unix operating systems everything is logged some where. Most of the system logs are logged in to /var/log folder. This folder contains logs related to different services and applications. In this folder we have some files such as utmp, wtmp and btmp. These files contains all the details about login’s and logout’s which are from local as well as from remote systems and system status such as uptime etc.

Some info about utmp, wtmp and btmp

  • utmp will give you complete picture of users logins at which terminals, logouts, system events and current status of the system, system boot time (used by uptime) etc.
  • wtmp gives historical data of utmp.
  • btmp records only failed login attempts.

Normally when we try to view these files using cat command or vi editor they used to throw some junk characters and garbage values or in encrypted form or hex values. The output of these files when open with vi or cat command are shown below to show how wtmp file look when opened with vi.

This is totally unreadable, then how we can read this file?

We can read this file with only last command. last command is one of the important command which will give you how logged in, when they logged in and when they logged out etc info on the screen.

My last command output.

[root@legacy ~]# last
root pts/0 202.65.148.252 Sun Dec 16 19:26 still logged in
root pts/0 202.65.148.252 Sun Dec 16 19:26 – 19:26 (00:00)
reboot system boot 2.6.32-042stab05 Sun Dec 16 19:25 (00:31)
root pts/0 188.24.130.111 Sun Dec 16 18:39 – 18:41 (00:01)
root pts/0 38.98.73.241 Sun Dec 16 16:48 – 16:48 (00:00)
root pts/1 202.65.148.252 Sun Dec 16 13:51 – 16:05 (02:14)
root pts/0 14.96.27.220 Sun Dec 16 11:06 – 14:17 (03:11)
root pts/0 202.65.148.252 Sat Dec 15 22:03 – 00:16 (02:12)
root pts/1 202.65.148.252 Sat Dec 15 19:57 – 00:09 (04:11)
root pts/0 202.65.148.252 Sat Dec 15 16:36 – 20:48 (04:11)
root pts/1 202.65.148.252 Fri Dec 14 16:26 – 20:37 (04:11)
root pts/0 202.65.148.252 Fri Dec 14 15:59 – 16:26 (00:27)
root pts/0 202.65.148.252 Wed Dec 12 15:06 – 23:35 (08:29)
root pts/0 202.65.148.252 Wed Dec 12 14:00 – 15:06 (01:05)
root pts/0 202.65.148.252 Tue Dec 11 18:16 – 23:27 (05:11)
reboot system boot 2.6.32-042stab05 Tue Dec 11 18:16 (5+01:08)
root pts/0 202.65.148.252 Tue Dec 11 18:13 – down (00:03)
root pts/0 202.65.148.252 Tue Dec 11 18:12 – 18:12 (00:00)
root pts/0 202.65.148.252 Tue Dec 4 11:25 – 12:05 (00:40)
root pts/0 202.65.148.252 Tue Dec 4 11:24 – 11:24 (00:00)
reboot system boot 2.6.32-042stab05 Tue Dec 4 11:23 (7+06:52)

wtmp begins Tue Dec 4 11:18:01 2012
[root@legacy ~]#

This last command display many details about user login/logout activity. The same command can be used to view wtmp, utmp and btmp files.

To open wtmp file and view its content use blow command

last -f /var/log/wtmp

To see still logged in users view utmp file use last command

last -f /var/run/utmp

To view btmp file use same command

last -f /var/log/btmp

 

Happy log file viewing..

Linux error “There are stopped jobs”

This error will come when you try to logout or exit from a terminal and there are some tasks which are running in background.

[root@legacy ~]# ping kakkar.com
PING kakkar.com (74.208.80.234) 56(84) bytes of data.
64 bytes from perfora.net (74.208.80.234): icmp_seq=1 ttl=49 time=260 ms
64 bytes from perfora.net (74.208.80.234): icmp_seq=2 ttl=49 time=260 ms
64 bytes from perfora.net (74.208.80.234): icmp_seq=3 ttl=49 time=260 ms
64 bytes from perfora.net (74.208.80.234): icmp_seq=4 ttl=49 time=261 ms
64 bytes from perfora.net (74.208.80.234): icmp_seq=5 ttl=49 time=260 ms

^Z
[1]+ Stopped ping kakkar.com
[root@legacy ~]# exit
logout
There are stopped jobs.
[root@legacy ~]#

If you observe I started a ping program and sent that process to background. And when I try to logout from that terminal I got an error stating that there are still some programs running. To stop this error we have to see if you really like to kill the jobs.
How to kill those jobs?
Execute/press below commands/shortcuts
fg
ctrl+c
How to retain job running though you try to logout?
Just press below commands/shortcuts
ctrl+z
bg
disown
This will allow us to run the process in background though you try to logout.

Changing Qmail ip routing

Please find the given steps to change the Ip routing in Qmail server.

 

SSH in to your server console and lets look.

# [root@saharaglobal ~]# /sbin/ip route

202.65.151.0/24 dev eth0  proto kernel  scope link  src 202.65.151.68

169.254.0.0/16 dev eth0  scope link

default via 202.65.151.1 dev eth0

 

To change the default qmail IP route from 202.65.151.68 to 202.65.151.69

# sbin/ip route change default via 202.65.151.1 dev eth0:1 src 202.65.151.69

 

That’s all there is to it. All qmail outgoing mails now leave from IP 202.65.151.69 instead of 202.65.151.68

 

Fighting with Exim Queues

Although I am fond of Sendmail, I have to admin that there are lot of other respectable MTAs that do a great job, are very very powerful and are far easier to install, configure and administer. Due to my numerous CPanel servers I usually have to work with Exim MTA and perform various operations on my mail queues. Here are some very useful commands for Exim MTA.

Queue Search

  • Count Message in Queue:
    exim -bpc
  • Queue overview:
    exim -bp | exiqsumm
  • Messages in queue, only msg-ids:
    exiqgrep -i
  • Search messages in queue, based on sender:
    exiqgrep -f [sender]@domain.tld
  • Search messages in queue, based on recipient:
    exiqgrep -r [sender]@domain.tld
  • Search messages in queue, based on age:
    exiqgrep -o 14400 (older than 4 hours)
    exiqgrep -y 14400 (younger than 4 hours)
  • Search messages in queue, in frozen state:
    exiqgrep -z
  • For the above command show just the msg-ids use the -i switch. For example:
    exiqgrep -i -o 14400

Queue Delivery

  • Dequeue all messages:
    exim -q -v
  • Dequeue all messages for local delivery:
    exim -ql -v
  • Dequeue all messages, force:
    exim -qff -v
  • Deliver a message, force:
    exim -M <message-id>
  • Freeze a message:
    exim -Mf <message-id>
  • Thaw a message:
    exim -Mt <message-id>

Queue Remove

  • Fail a message, force:
    exim -Mg <message-id>
  • Remove all frozen messages:
    exiqgrep -z -i | xargs exim -Mrm
  • Remove old messages, for example older than 4 hours:
    exiqgrep -o 14400 -i | xargs exim -Mrm

More info can be found on the official Exim documentation page and especially on Exim tools page.