How do I permanently delete /var/log/lastlog?

ubuntu syslog pam

My /var/log/lastlog file is huge. I know it's really only a few kilobytes, but tar isn't smart enough to know that, so when I image a virtual machine, my restore fails because it thinks I'm trying to load more data than I have capacity on my disk.

I want to delete /var/log/lastlog and stop any and all logging to the file. I'm aware of the security implications. This logging needs to stop to preserve my backup strategy.

I've made a change to /etc/pam.d/login which I was told would disable logging to /var/log/lastlog, but it does not appear to work as /var/log/lastlog keeps growing.

# Prints the last login info upon succesful login
# (Replaces the `LASTLOG_ENAB' option from login.defs)
#session    optional   pam_lastlog.so

Any ideas?

EDIT

For anyone interested, I use Centrify Express to authenticate my users via LDAP. Centrify Express is "free", but one of the drawbacks is that I can't manage user UIDs via LDAP, so they are given a dynamic UID when they login to a server. Centrify picks some crazy high UID values (so they don't conflict with local users on the server, presumably). /var/log/lastlog is indexed by UID, and grows to accommodate the largest UID on the system. This means that when a Centrify user logs in, they get a UID in the upper-end of the UID range, which causes lastlog to allocate an obscene amount of space, according to the file system.

~$ ll /var/log/lastlog
-rw-rw-r-- 1 root root 291487675780 Apr 10 16:37 /var/log/lastlog
~$ du -h /var/log/lastlog
20K     /var/log/lastlog

More Into ---> Sparse Files


Solution 1:

Try this command:

ln -sfn /dev/null /var/log/lastlog

Solution 2:

The best solution here, in my opinion, is to use tar's -S / --sparse option to handle sparse files properly.

Solution 3:

if the 3rd party is using your system tar, rename tar to say, tar.real; then make a script called tar which will use -S only when called by the third-party software.

better, call the third-party via wrapper script which adds a special bin dir to the front of PATH, where you have the wrapper for tar, only works so long as third-party is not using absolute paths.

Related

Can't merge table cells - Merge Cells button "greyed out"
ubuntu 18.04, nm(Network Manager) is not able to manage network devices [duplicate]
What is the gmain process?
How to try out Thunderbird 60?
How to update Dell repositories after upgrading XPS 13 to Ubuntu 18.04
How can I find the IP address of my router?
"Unable to locate package" error in Ubuntu 18.04 on Windows 10 [duplicate]
How to install Xtreme Download Manager (XDM) in Ubuntu 18.04?
How to delete random n files from directory?
Ubuntu 18.04.1 hangs at "Booting SMP configuration" on VMware
Unable to insert the virtual optical disk (VBoxguestaddition) in virtual machine for ubuntu server in win 10
no compatible source was found for this media