The server is Ubuntu 11.10.
When I issue the "last" command from the command line, it gives the following output:
# last
last: read failed!
wtmp begins Fri Apr 18 15:47:48 2014
This I suspect is happening after a probable hacking attempt on the server, which we have dealt with now. But the "last" command continues not to work. I suspect the hacker disabled this command from working, so that they could cover their trails.
The question is why the command doesn't work and how do I get it fixed so that it works as intended?
Thanks for your expert insight.