HOW TO ENABLE PROCESS ACCOUNTING ON LINUX



  _Last updated: Fri Aug 8 09:25:58 HKT 1997_


       Preamble: This document is copylefted by Albert M.C. Tam
       ([email protected]). Permission to use, copy, distribute this document for
       non-commerical purposes is hereby granted, provided that the author's /
       editor's name and this notice appear in all copies and/or supporting
       documents; that this document is not modified. This document is
       distributed in hope that it will be useful, but WITHOUT ANY WARRANTY,
       either expressed or implied. While every effort has been taken to
       ensure the accuracy of the information documented herein, the author /
       editor / maintainer assumes NO RESPONSIBILITY for errors, or for
       damages results for the use of the information documented herein.



  This document describes how to enable system process accounting on a
  Linux host, and the usage of various process accounting commands. It
  is intended for users running kernel version greater than or equal to
  1.3.73 (recently tested on RedHat 4.1 kernel 2.0.27). Kernels older
  than 1.3.73 may need a patch in order to use the process accounting
  feature.

  Feel free to send any feedback or comments to [email protected] if you
  find an error, or if any information is missing. I appreciate it.


    _________________________________________________________________



What is Process Accounting?



  Process accounting is the method of recording and summarizing commands
  executed on Linux. The modern Linux kernel is capable of keeping
  process accounting records for the commands being run, the user who
  executed the command, the CPU time, and much more.

  Process accounting enables you to keep detailed accounting information
  for the system resources used, their allocation among users, and
  system monitoring.

Current Status of Process Accounting under Linux



  Process accounting support has been integrated into the newer kernels
  (version >= 1.3.73). If you are running an older kernel, you may need
  some patch files. The patches are available from

  ftp://iguana.hut.fi/pub/linux/Kernel/process_accounting



Requirements for Process Accounting on Linux



  _Kernel_

  Linux Kernel version greater than or equal to version 1.3.73, I
  recommended 2.x. The kernel source is available from

  http://sunsite.unc.edu/pub/Linux/kernel/v2.0



  _Process accounting software_

  Depending on the Linux distribution you have, you may, or may not have
  the process accounting software package installed on your system. If
  you don't have it, try downloading the package from

  http://sunsite.unc.edu/pub/Linux/system/admin/quota-acct-modified.tgz



    _________________________________________________________________



Process Accounting Setup on Linux



  _1. Compile and install process accounting softwares_

  The process accounting software package is available from

  http://sunsite.unc.edu/pub/Linux/system/admin/quota-acct-modified.tgz



  _2. Modify your system init script and turn on process accounting at
  boot time _

  Here's an example:


       # Turn process accounting on.
       if [ -x /sbin/accton ]
       then
               /sbin/accton /var/log/pacct
               echo "Process accounting turned on."
       fi



  _3. Create accounting record file "pacct"_

  Your process accounting softwares will print out all commands executed
  to the file /var/log/pacct by default.

  To create the accounting record file:


       touch /var/log/pacct



  This record file should be owned by root, has read-write permission
  for root, and read permission for anybody else:

       chown root /var/log/pacct
       chmod 0644 /var/log/pacct



  _4. Reboot_

  Now reboot your system for changes you made to take effect.


    _________________________________________________________________



Miscellaneous Process Accounting Commands



  _ac_

  ac prints out statistics about users' connection time in hours, based
  on the logins and logouts in the current /var/log/wtmp file. ac is
  also capable of printing out time totals for each day (-d option), and
  for each user (-p option).

  _accton_

  accton is used to turn on or turn off process accounting. The file is
  normally executed at system bootup or shutdown via system init
  scripts.

  _last_

  last goes through the /var/log/wtmp file and prints out information
  about connection times of users.

  _sa_

  sa summarizes accounting information from previously executed
  commands, software I/O operation times, CPU times, as recorded in the
  accounting record file /var/account/pacct.

  _lastcomm_

  lastcomm prints out the information about all previously executed
  commands, recorded in /var/account/pacct.

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.