About Linux FAQ

Browse More FAQs:

Linux remove or clear the last login information

Posted by Vivek Gite [Last updated: January 28, 2007]

Q. How do I clear or remove last login information? I would like to clear all the login information. I am using Fedora Core 6 Linux.

A. /var/log/lastlog file stores user last login information. This is binary file. You need to use lastlog command to formats and prints the contents of the last login log /var/log/lastlog file.

Following information is printed using lastlog command:

=> The login-name

=> Port

=> Last login time

Task: Display last login information

Simply type lastlog:
$ lastlog
Output:

Username         Port     From             Latest
root             tty1                      Thu Jan 25 15:23:50 +0530 2007
daemon                                     **Never logged in**
bin                                        **Never logged in**
sys                                        **Never logged in**
sync                                       **Never logged in**
vivek            tty1                      Sat Jan 27 22:10:36 +0530 2007
pdnsd                                      **Never logged in**
sshd                                       **Never logged in**
messagebus                                 **Never logged in**
bind                                       **Never logged in**
sweta           tty1                      Sat Jan 27 19:55:22 +0530 2007

Note: If the user has never logged in the message "**Never logged in**" will be displayed instead of the port and time.

Task: Clear last login information

Simply overwrite /var/log/lastlog file. You must be the root user. First make a backup of /var/log/lastlog:
# cp /var/log/lastlog /root
Now overwrite file using any one of the following command:
# >/var/log/lastlog
OR
# cat > /var/log/lastlog
Press CTR+D

Subscribe to our free e-mail newsletter or RSS feed to get all updates. You can Email this page to a friend.

Related Other Helpful FAQs:

Discussion on This FAQ

  1. Daniel K Says:
    January 29th, 2007 at 7:17 am

    maybe simpler:

    sudo touch /var/log/lastlog ?

  2. nixcraft Says:
    January 29th, 2007 at 3:07 pm

    Daniel,

    Touch command update the access and modification times of each FILE to the current time. So it will not empty the file.

    If file is deleted, you can use touch command. Agin you need to run chmod to set correct permission:

    sudo /bin/rm /var/log/lastlog
    sudo touch /var/log/lastlog
    soud chown root:adm /var/log/lastlog

  3. Vasudeva Says:
    May 2nd, 2008 at 3:34 pm

    Lastlog will not have su information. Like user1 su to user2 this login information will not update the lastlog file. Is it possible to customize this to update su information also into lastlogin ? If yes please help me how to do this.

Leave a Reply

We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Copyright © 2006-2008 nixCraft. All rights reserved - TOS/Disclaimer - Privacy policy - Sitemap - Powered by Open source software.