From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5)
Description of problem:
The /usr/bin/who program lists users that are not logged in and do not
even have any processes running on the system.
This appears to be caused when terminal windows are killed.
For example, the following shows /usr/bin/who listing "aankola1" as
being logged in multiple times, but there is not a single process
associated with that username on the system:
srao3 pts/0 May 10 11:31 (:1.0)
srao3 pts/2 May 10 11:32 (:1.0)
srao3 pts/3 May 10 11:52 (:1.0)
srao3 pts/4 May 10 13:19 (:1.0)
srao3 pts/5 May 11 10:34 (:1.0)
srao3 pts/6 May 14 14:41 (:1.0)
srao3 pts/7 May 14 14:59 (:1.0)
srao3 pts/8 May 15 17:17 (:1.0)
srao3 pts/9 May 15 17:20 (:1.0)
aankola1 pts/12 May 10 16:53 (:2.0)
aankola1 pts/13 May 10 16:53 (:2.0)
aankola1 pts/14 May 10 16:53 (:2.0)
aankola1 pts/15 May 10 16:53 (:2.0)
aankola1 pts/16 May 10 16:53 (:2.0)
aankola1 pts/17 May 10 16:53 (:2.0)
aankola1 pts/18 May 10 16:53 (:2.0)
aankola1 pts/19 May 10 16:53 (:2.0)
aankola1 pts/20 May 10 16:53 (:2.0)
aankola1 pts/21 May 10 16:53 (:2.0)
aankola1 pts/22 May 10 16:53 (:2.0)
aankola1 pts/23 May 10 16:53 (:2.0)
aankola1 pts/24 May 10 16:53 (:2.0)
srao3 pts/27 May 11 10:58 (:1.0)
srao3 pts/28 May 11 13:29 (:1.0)
srao3 pts/29 May 11 15:26 (:1.0)
a19184 pts/30 May 12 07:05 ([system name])
srao3 pts/31 May 13 13:37 (:1.0)
qa4669 pts/10 May 19 14:08 ([system name])
% /bin/ps -U aankola1
PID TTY TIME CMD
[no processes listed]
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Login to a system
2. Open several terminal windows
3. Kill those terminal windows
4. Run /usr/bin/who and see them still listed
Those terminal windows are responsible for cleaning up utmp. 'who'
just reports what utmp says.
1) This problem is not specific to gnome-terminal -- the exact same
thing happens with, e.g., /usr/bin/xterm
2) The problem appears to be specific to /usr/bin/who -- the
/usr/bin/w program, for example, does not return these bogus entries.
I'd like to note that I installed RHEL 3 Desktop and am seeing this
also. It's particularly annoying because userdel -r balks at removing
This seems to be related to the bug I reported earlier regarding finger:
Alan Cox provided a fix for finger, but looks like a similar one is
needed for who as well. Here's the background info regarding the fix
he developed from fedoranews.org:
Finger mishandled stale utmp entries and also entries from remote X
sessions. This would cause random idle times and spurious users to
Created attachment 109726 [details]
Ignore stale utmp entries when listing user processes
This is not a fix but a work-around. There shouldn't *be* stale utmp entries in
the first instance.
Or rather, there may be stale utmp entries, but:
- any process IDs associated with stale utmp entries may be re-used by unrelated
- 'who FILE' can be used to examine the contents of a utmp file that has been
transferred from a different machine, and so there must be no additional check
in that case
I've been able to reproduce this at will using xterm but have been unsuccessful
Perhaps someone who sees this with gnome-terminal can provide straces (strace
-f, preferably before any other gnome-terminals are running, otherwise attach to
gnome-pty-helper process as well) and output of who before and after killing the
Regarding the issue of 'who' reporting utmp entries that ought to be ignored
(because the associated process no longer exists):
This has been fixed upstream, and will be fixed in the soon-to-be-released
Fedora Core 4.
Neither Red Hat Enterprise Linux 3 nor Red Hat Enterprise Linux 4 have the fix;
however, it is a relatively harmless bug.
Regarding the issue of 'gnome-terminal' leaving stale utmp entries when the
window is killed: this has not been addressed to my knowledge. Please open a
separate bug report for that, with the strace output.
If this fix hasn't been backported into RHEL 3, does it really make sense to
close a bug specifically opened against RHEL 3?
This bug may be trivial, but it does have real-world implications in an
For example, we found this bug because we're using a load balancing solution
that depends on this data to determine number of users logged into a machine.
Bogus login info means that load balancing based on number of users logged in
doesn't work right.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.