Anyone have any idea on how to display the fields stored in the wtmp file using C? Am I correct in thinking that the info stored in wtmp is in binary and that utmpx will be of some help?


I don't know what a wtmp file is besides what I just looked up. I have never heard of it, but on the man page (http://www.mcsr.olemiss.edu/cgi-bin/man-cgi?utmp+4) they have a structure there. I would assume you fread that structure and then you would be able to get the info you want to display.

Thanks. Ok, this code in C performs the functions of the last command. It displays some of the fields from the wtmp file. Instead of reporting the hostname, I'd like to report the IP address. From the man pages, it looks as though the host command will find IP addresses. But, do I need to use pipes to perform this action? Maybe something like read_fp = popen("host", "r"). Of course, the IP address field may be empty and in this case I can report something such as "empty" and perform no DNS lookup.

#include <utmp.h>
#include <utmpx.h>
#include <stdio.h>
#include <iostream>

#define WTMP_FILENAME "/var/log/wtmp"

int main()

struct utmp record;
FILE *fd = fopen(WTMP_FILENAME, "r");

if (fd == NULL) {
return 1;
while (fread(&record, sizeof record, 1, fd) != 0) {
printf("%s: %s\t: %s\t", record.ut_line, record.ut_user, record.ut_id);
return 0;