* utmp Format
@ 2024-08-01 16:41 support
0 siblings, 0 replies; only message in thread
From: support @ 2024-08-01 16:41 UTC (permalink / raw)
To: linux-kernel
I've noticed a difference in the size of the `utmp` struct between Linux
6.1.0-22-amd64 and 6.1.0-23-cloud-arm64. No doubt there are differences
between other unices as well. Is there a reason this is still a binary
log? On 6.1.0-22-amd64, it seems to be 384 bytes long, while the
average line length from `utmpdump` is only 125 bytes, so it's not a
space savings.
My primary concern is forensics. There is no consistent and reliable
way to read wtmp/btmp outside of the installation that created it.
JS
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2024-08-01 16:41 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-08-01 16:41 utmp Format support
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox