Skip to content


w will not work in future versions of shadow due to login not recording any utmp entries:

  • Either link or preload using LD_PRELOAD=libutmps
  • We can rely on musl’s utmp.h (after patching) and only remove its utmpx.h
  • lh-bootstrap also has instructions on how to improve linking to utmps and skarnet (try it for toybox)

skarnet: “All in all, I believe the flexibility it offers overweighs the inconvenience of having to run services before providing utmp/wtmp.”

utmps is a solution to systems using s6, and won’t work for systemd, and it implements utmpx safely using a daemon

  • utmp.h has been deprecated in 2001 in favor of utmpx.h

  • On Glibc systems the former utmp.h is just an alias (or a symlink) for the latter utmpx.h

  • On musl libc, utmps can be used to provide utmpx functionality - but not utmp (This means that applications like procps-ng either don’t work properly (w shows nothing under musl with default no-op implementation), or fails to build (utmps provides utmpx.h but no utmp.h)

  • utmps also uses a daemon as the only authority to manage the utmp and wtmp data, which is an extra service to consider

  • we also need to remove the stub header utmpx.h (and maybe even utmp.h) provided by musl if you plan on using skarnet’s utmps

  • we also need to patch multiple software to support utmpx.h instead of utmp.h since utmps only provides the latter. Here’s a list of packages using utmp h (that might require patching) that I compiled based on my experiments in glaucus:

    • autoconf
    • gcc (in libsanitizer)
    • musl
    • procps-ng (for w and whattime)
    • shadow
    • toybox (some pending tools)
    • util-linux (for agetty)

From the musl wiki FAQ:

Q: Why is the utmp/wtmp functionality only implemented as stubs?

  • if the feature is implemented, you need to take additional measures to protect your user’s privacy
  • in order to use the utmp/wtmp feature, you need a suid/sgid binary to modify the database, which opens the door for security issues:
  • if you compromise those binaries, you can inject arbitrary data into the db, that other programs might interpret in exploitable ways
  • that’s a HUGE risk to pay for the sake of a basically-useless and possibly-harmful “feature”

The only distribution (other than glaucus) that has a working utmps with s6, musl and other packages is Adélie Linux

For further reading:

  • w, getty, tmux, libutempter, shadow, util-linux, procps-ng all use utmp/utmpx (For utmps)


When these are removed, distros are using systemd journal and logind to replace them: