GNU Rush
	Restricted User Shell	Sergey Poznyakoff

• Main
• Downloads
• Documentation

11 Accounting Database

Rush accounting database is stored in the directory localstatedir/rush, where localstatedir stands for the name of the local state directory, defined at compile time. By default, it is prefix/var, where prefix is the installation prefix, which defaults to /usr/local. Thus, the default database directory is /usr/local/var/rush. You can change this default using the --localstatedir option to configure before compiling the package. The --prefix option affects it as well.

As of version 2.2, the database consists of two files, called utmp and wtmp. The wtmp file keeps information about all user sessions, both finished and still active. The utmp file contains indices to those records in wtmp, which represent active sessions.

The wtmp grows continuously, while utmp normally grows the first day or two after enabling accounting mode, and from then on its size remains without changes. If you set up log file rotation, e.g. by using logrotate (see logrotate in logrotate man page), or a similar tool, it is safe to rotate wtmp without notifying rush. The only requirement is to truncate utmp to zero size after rotating wtmp, as shown in the following logrotate.conf snippet:

/var/run/rush/wtmp {
    monthly
    create 0640 root svusers
    postrotate
      cat /dev/null > /var/run/rush/utmp
    endscript
}

Accounting files are owned by ‘root’ and normally are accessible only to the owner (file mode ‘600’). You may change the default permissions using the following global configuration file statements:

global: acct-umask mask

Set umask used when accessing accounting database files. Default value is ‘022’.

global: acct-dir-mode mode

Set mode bits for the accounting directory. The mode argument is the mode in octal.

global: acct-file-mode mode

Set mode bits for wtmp and utmp files.

Notice, that these statements affect file and directory modes only when the corresponding file or directory is created. Rush will not change modes of the existing files.

The following sections contain a detailed description of the structure of these two files. You may skip them, if you are not interested in technical details.