-
Notifications
You must be signed in to change notification settings - Fork 207
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Huge (sparse) files /var/log/lastlog and /var/log/faillog trouble docker #2287
Labels
Comments
Related (but no solution to be found there): |
Oh, good points, so, in essence, this is a problem with docker after such a user has been created. We should at least explain this in the documentation. |
Move this to new Docker repo? |
Closing — this should be at sagemathinc/cocalc-docker#6 |
openstack-gerrit
pushed a commit
to openstack/kolla
that referenced
this issue
Nov 1, 2018
These two files are useless in container, and disable them will save about 18MB size for image. More info please check[1]. [1] sagemathinc/cocalc#2287 (comment) Change-Id: I1bba59260043782fd7c9306b194d144d027a29e0
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The files
/var/log/lastlog
and/var/log/faillog
store records per user offset by a multiple of user id. Since cocalc uses huge user ids for projects, they result in huge files, which are not in principle a problem (they are stored as files with holes).However, this creates trouble with some docker functions (e.g.
docker commit
for sure, and maybedocker export
as well), since they create a copy of the file sequentially which takes a long time and disk space (hundreds of gigabytes).One possible solution:
-l
foruseradd
to avoid initializing those files when project-user creationpam_lastlog
from/etc/pam.d/login
)Alternative (simpler) solution:
/var/log/faillog
and/var/log/lastlog
as bothuseradd
andpam_lastlog
do not create the file if it doesn't existI think both solutions are functionally equivalent; the second one is trivial to do on a running container without any source changes (so it could just be a quick hint in the documentation).
What is lost: those files register the last login time, and failed login time, so the only thing missing seems to be the line "Last login time: xxxx" at login time, which won't show up.
It's very easy to reenable the feature: just
touch /var/log/{last,fail}log
to create empty files which will then be used (and thus extended to huge-files-with-holes).Note that similar (and more) information can still be obtained using
last
andlastb
commands which use the data from/var/log/wtmp
and/var/log/btmp
and don't suffer from this huge-file issue.Edit: I think
wtmp
will still be updated as long as the second solution is used. With the first solution accounting will not be done at all, since it's the samepam_lastlog
which updateswtmp
. It'd be cool ifpam_lastlog
would print the information fromwtmp
if the other file is missing, but that doesn't seem to be the case.The text was updated successfully, but these errors were encountered: