lastlog formats and prints the contents of the last login log
/var/log/lastlog file. The login-name, port, and last login
time will be printed. The default (no flags) causes lastlog entries to be
printed, sorted by their order in /etc/passwd.
-b, --before DAYS
Clear lastlog record of a user. This option can be used
only together with -u (--user)).
-R, --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use
the configuration files from the CHROOT_DIR directory.
Set lastlog record of a user to the current time. This
option can be used only together with -u (--user)).
-t, --time DAYS
-u, --user LOGIN|RANGE
The users can be specified by a login name, a numerical user ID,
or a RANGE of users. This RANGE of users can be specified with
a min and max values (UID_MIN-UID_MAX), a max value
(-UID_MAX), or a min value (UID_MIN-).
** 从未登录 **
Only the entries for the current users of the system will be
displayed. Other entries may exist for users that were deleted
The lastlog file is a database which contains info on the last login of each
user. You should not rotate it. It is a sparse file, so its size on the disk
is usually much smaller than the one shown by "ls -l" (which
can indicate a really big file if you have in passwd users with a high UID).
You can display its real size with "ls -s".
Highest user ID number for which the lastlog entries
should be updated. As higher user IDs are usually tracked by remote user
identity and authentication services there is no need to create a huge sparse
lastlog file for them.
No LASTLOG_UID_MAX option present in the configuration
means that there is no user ID limit for writing lastlog entries.
Database times of previous user logins.
Large gaps in UID numbers will cause the lastlog program to run longer with no
output to the screen (i.e. if in lastlog database there is no entries for
users with UID between 170 and 800 lastlog will appear to hang as it processes
entries with UIDs 171-799).