Assignment Chef icon Assignment Chef
All English tutorials

Programming lesson

Mastering wtmp Parsing: Build a Login Statistics Tool Like logdata

Learn to parse the wtmp binary file, handle command-line options, and compute accurate login durations in C. This tutorial uses the logdata assignment as a springboard to teach system programming concepts with real-world relevance.

wtmp parsing C login statistics tool logdata assignment C systems programming utmp struct command-line option parsing getopt time duration formatting C binary file reading C session time calculation server login audit tutorial 2026 systems programming cybersecurity log analysis gaming session time tracker AI infrastructure monitoring Unix wtmp file tutorial C programming assignment help

Introduction: Why Login Statistics Matter in 2026

In the age of remote work and multi-user cloud servers, tracking who logged in and for how long is critical for security audits and resource management. The logdata command, as specified in the assignment, is a classic systems programming exercise that teaches you to read binary kernel data structures, parse command-line options, and manipulate time values. By building this tool, you'll gain skills directly applicable to modern cybersecurity tools, server monitoring dashboards, and even gaming platforms that track player session times. In 2026, with the rise of AI-driven infrastructure, understanding low-level system logs is more valuable than ever.

Understanding the wtmp File

The wtmp file (usually /var/log/wtmp) records all logins and logouts on a Unix-like system. Each record is a struct utmp defined in <utmp.h>. Key fields include ut_type (LOGIN_PROCESS, USER_PROCESS, DEAD_PROCESS, etc.), ut_user (username), ut_tv (timeval of the event), and ut_line (terminal line). For login statistics, we care about pairs of USER_PROCESS (login) and DEAD_PROCESS or RUN_LVL (logout or shutdown).

Reading wtmp in C

To read the file, open it with fopen in binary mode, then repeatedly call fread to fetch records. Use feof to detect end-of-file. Here's a minimal snippet:

#include <stdio.h>
#include <utmp.h>
#include <time.h>

void read_wtmp(const char *filename) {
    FILE *fp = fopen(filename, "rb");
    if (!fp) { perror(filename); return; }
    struct utmp record;
    while (fread(&record, sizeof(record), 1, fp) == 1) {
        printf("%s %s %ld\n", record.ut_user, record.ut_line, record.ut_tv.tv_sec);
    }
    fclose(fp);
}

Command-Line Option Parsing

The logdata command supports options -a, -s, and -f. Use getopt from <unistd.h> to parse them. Remember to handle the case where no username is given (default to current user). The -a flag lists all users, overriding any username arguments. The -s flag prints a summary total line. The -f flag specifies an alternative wtmp file.

Example getopt Usage

#include <unistd.h>

int main(int argc, char *argv[]) {
    int opt;
    int a_flag = 0, s_flag = 0;
    char *wtmp_path = "/var/log/wtmp";
    while ((opt = getopt(argc, argv, "asf:")) != -1) {
        switch (opt) {
            case 'a': a_flag = 1; break;
            case 's': s_flag = 1; break;
            case 'f': wtmp_path = optarg; break;
            default: fprintf(stderr, "Usage: %s [-a] [-s] [-f file] [username ...]\n", argv[0]); return 1;
        }
    }
    // remaining arguments are usernames
}

Computing Login Durations

The core algorithm: for each username, track all login events and their corresponding logout events. A login is a record with ut_type == USER_PROCESS. A logout can be DEAD_PROCESS on the same terminal, or a RUN_LVL record indicating a shutdown/reboot. Sessions still in progress (no matching logout) are excluded. Use a hash map or simple linked list to match logins to logouts by terminal line. Sum the durations (logout time - login time) for each user.

Time Formatting

Output must be human-readable: days, hours, minutes, seconds, with pluralization. For example, 3661 seconds becomes "1 hour 1 sec" (since 0 days, 1 hour, 1 minute, 1 second? Actually 3661 = 1h 1m 1s). Implement a function that converts total seconds to a string, omitting zero-valued units and adjusting plural forms.

void print_duration(long total_sec) {
    int days = total_sec / 86400;
    int hours = (total_sec % 86400) / 3600;
    int mins = (total_sec % 3600) / 60;
    int secs = total_sec % 60;
    if (days > 0) printf("%d day%s ", days, days == 1 ? "" : "s");
    if (hours > 0) printf("%d hour%s ", hours, hours == 1 ? "" : "s");
    if (mins > 0) printf("%d min%s ", mins, mins == 1 ? "" : "s");
    printf("%d sec%s\n", secs, secs == 1 ? "" : "s");
}

Handling Edge Cases

  • No wtmp file: Print error to stderr.
  • No logins for user: Display "0 seconds".
  • Multiple logins on same terminal: Only the most recent unmatched login is considered.
  • Shutdown/reboot: Treat as logout for all active sessions.

Putting It All Together

Your program should open the wtmp file, read all records, build a data structure of login/logout pairs per user, compute total seconds, then print formatted output for each requested user. If -a is given, iterate over all users found. If -s, compute and print a grand total line at the end. Remember to close the file and free memory.

Real-World Application: Session Analytics

In 2026, companies like Google and Microsoft use similar techniques to analyze employee login patterns for security anomaly detection. Gaming platforms like Steam track player session times to generate engagement reports. Even AI training clusters monitor user sessions to allocate resources efficiently. By mastering wtmp parsing, you're learning the foundation of many modern analytics tools.

Testing Your Program

Test with sample wtmp files (you can generate dummy records using struct utmp and fwrite). Verify output formatting matches the specification exactly. Use diff to compare with expected output.

Common Pitfalls

  • Forgetting to handle binary mode ("rb").
  • Not checking fread return value.
  • Mixing up ut_tv fields (some systems use ut_time).
  • Ignoring timezone issues (use UTC).

Conclusion

Building the logdata tool is a rite of passage for C programmers. It combines file I/O, data structures, time manipulation, and user interface design. Whether you're aiming for a career in systems programming, cybersecurity, or DevOps, these skills are indispensable. Start coding today and you'll have a robust login statistics tool that rivals professional implementations.