Search Results

Search found 26 results on 2 pages for 'auditd'.

Page 1/2 | 1 2  | Next Page >

  • Suggestion for auditd set-up

    - by JVerstry
    Hi, I am trying to learn about securing a Linux box (I am using Ubuntu). Auditd is recommended for monitoring activities on the node. I have managed to install it, but I can't find much information about proper set-up to secure my node. How should I set-up auditd to make my node more secure? What should I monitor? Why? I am looking for set-up examples and recommendation from experienced administrators. Thanks!

    Read the article

  • Alternatives to auditd and inotify for monitoring file deletion

    - by Tola Odejayi
    I'm trying to figure out which processes are deleting files from a specific directory on my CentOS server. I looked at inotify, but all this does is to tell me how many file deletions are occurring; it does not tell me what process run by which user did the deletions, nor does it tell me when they happened. I also tried auditd, but I have had no luck in getting it set up on my server. Does anyone have any other tool they can suggest that will do this?

    Read the article

  • Problems getting auditd set up on my server

    - by Tola Odejayi
    I'm trying to figure out which processes are deleting files from a specific directory, so I want to set up and run auditd on my system. I've set up the following rule in audit.rules: -w S unlink -S truncate -S ftruncate -a exit,always -k cache_deletion -w /home/myfolder/cache Then I type this to start the audit daemon: auditctl -R /etc/audit/audit.rules -e 1 But I get this error message: Error - nested rule files not supported Does anyone know what I am doing wrong here, and how I can resolve this? Also, what do I have to do to get the daemon running at startup?

    Read the article

  • difference between success and failed event in auditd/aureport

    - by user112358132134
    The aureport command has two options that limit the list of displayed events to those that were successful and those that failed. Per the man page: --failed Only select failed events for processing in the reports. The default is both success and failed events. --success Only select successful events for processing in the reports. The default is both success and failed events. What does this mean? Is the failure/success with regard to the actual event (e.g., a syscall that returned non-zero) or does the failure/success apply to auditd and whether or not there was an issue in processing the event?

    Read the article

  • Unable to start auditd

    - by George Reith
    I am on CentOS 5.8 final I recently installed auditd via yum install audit however I am unable to start it. I edited the configuration file to give a verbose output of the error it is recieving in starting up and this is the output: # service auditd start Starting auditd: Config file /etc/audit/auditd.conf opened for parsing log_file_parser called with: /var/log/audit/audit.log log_format_parser called with: RAW log_group_parser called with: root priority_boost_parser called with: 4 flush_parser called with: INCREMENTAL freq_parser called with: 20 num_logs_parser called with: 4 qos_parser called with: lossy dispatch_parser called with: /sbin/audispd name_format_parser called with: NONE max_log_size_parser called with: 5 max_log_size_action_parser called with: ROTATE space_left_parser called with: 75 space_action_parser called with: SYSLOG action_mail_acct_parser called with: root admin_space_left_parser called with: 50 admin_space_left_action_parser called with: SUSPEND disk_full_action_parser called with: SUSPEND disk_error_action_parser called with: SUSPEND tcp_listen_queue_parser called with: 5 tcp_max_per_addr_parser called with: 1 tcp_client_max_idle_parser called with: 0 enable_krb5_parser called with: no GSSAPI support is not enabled, ignoring value at line 30 krb5_principal_parser called with: auditd GSSAPI support is not enabled, ignoring value at line 31 Started dispatcher: /sbin/audispd pid: 3097 type=DAEMON_START msg=audit(1339336882.187:9205): auditd start, ver=1.8 format=raw kernel=2.6.32-042stab056.8 auid=4294967295 pid=3095 res=success config_manager init complete Error setting audit daemon pid (Connection refused) type=DAEMON_ABORT msg=audit(1339336882.189:9206): auditd error halt, auid=4294967295 pid=3095 res=failed Unable to set audit pid, exiting The audit daemon is exiting. Error setting audit daemon pid (Connection refused) [FAILED] The only information I can find online is that this may be due to SELinux, however SELinux is giving me problems of it's own. No matter what I do it appears to be disabled (I want to enable it). The configuration is set to enforced and the server has been rebooted many a time however sestatus still returns SELinux status: disabled. Can anyone shine some light on this problem? EDIT: I don't know if it is related but I noticed the following message appearing in my /var/log/messages Jun 10 16:25:22 s1 iscsid: iSCSI logger with pid=2056 started! Jun 10 16:25:22 s1 iscsid: Missing or Invalid version from /sys/module/scsi_transport_iscsi/version. Make sure a up to date scsi_transport_iscsi module is loaded and a up todate version of iscsid is running. Exiting... I try to start the iSCSI daemon myself (I have not a clue what it does; I am a linux newbie) and I get the following error: Starting iSCSI daemon: FATAL: Could not load /lib/modules/2.6.32-042stab056.8/modules.dep: No such file or directory FATAL: Could not load /lib/modules/2.6.32-042stab056.8/modules.dep: No such file or directory FATAL: Could not load /lib/modules/2.6.32-042stab056.8/modules.dep: No such file or directory FATAL: Could not load /lib/modules/2.6.32-042stab056.8/modules.dep: No such file or directory FATAL: Could not load /lib/modules/2.6.32-042stab056.8/modules.dep: No such file or directory [FAILED] If I go to /lib/modules/ I notice the directory exists but is completely empty.

    Read the article

  • Trying to make changes to the size of the events buffer in prelude-ids auditd plugin

    - by tharris
    I am running systems using the prelude-ids plugin for auditd. When the manager is up every thing works fine however I have a requirement that when the clients can't talk to the manager they should store no more than 250MB of messages, and when they hit that point they should start deleting the oldest events. All I can find is that audispd can be set to an overflow action of ignore,syslog,suspend,single, and halt none of which meet my requirement, and several of which I really cannot use. Does anyone know a way to do this? I know the events get stored in /var/spool/prelude/auditd/global, but I can't find anything about configuring how things are stored here. There are usually several files in the global directory but only 2 of them ever go above 0 in size, data0 and data0.journal.

    Read the article

  • problem of setting audit rules: Syscall name unknown: stime

    - by zhaojing
    I am setting audit rules in /etc/audit/audit.rules. As the requirement : The audit system should be configured to audit all administrative, privileged, and security actions. So I add one line into /etc/audit/auditd.rules: -a exit,always -S stime -S acct -S reboot -S swapon However, after I restart audit.d by service auditd restart: There is error comeout: Stopping auditd: [ OK ] Starting auditd: [ OK ] Syscall name unknown: stime There was an error in line 14 of /etc/audit/audit.rules It seems stime can't be recognized. Could anybody help me to find out what is wrong with my added rule? Thanks a lot!

    Read the article

  • File audit in Linux: how to watch directory tree for deletions?

    - by FractalizeR
    Hello. I have a forum script running on server and somehow small number of attachments begin to get lost. I want to find out what is deleting them and at what time. How can I setup Linux auditd (auditctl) to watch directory tree (attachments are stored inside multi-level directory tree) to watch for file deletions there? May be I should use some other tool for this?

    Read the article

  • linux automatic change permissions in resolv.file

    - by rikr
    In various linux servers I see how the permissions of the /etc/resolv.conf file change automatically. In state normal: -r--r--r-- 1 root root 103 Jul 4 11:50 resolv.conf In changed state: -r--r----- 1 root root 103 Jul 4 11:50 resolv.conf I installed auditd for monitoring it, and these are the two entries between the change: type=PATH msg=audit(07/04/2012 12:20:02.719:303) : item=0 name=/etc/resolv.conf inode=137102 dev=fe:00 mode=file,644 ouid=root ogid=root rdev=00:00 type=CWD msg=audit(07/04/2012 12:20:02.719:303) : cwd=/ type=SYSCALL msg=audit(07/04/2012 12:20:02.719:303) : arch=x86_64 syscall=open success=yes exit=3 a0=7feeb1405dec a1=0 a2=1b6 a3=0 items=1 ppid=1585 pid=3445 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=4294967295 comm=hostid exe=/usr/bin/hostid key=(null) type=PATH msg=audit(07/04/2012 12:50:03.727:304) : item=0 name=/etc/resolv.conf inode=137102 dev=fe:00 mode=file,440 ouid=root ogid=root rdev=00:00 type=CWD msg=audit(07/04/2012 12:50:03.727:304) : cwd=/ type=SYSCALL msg=audit(07/04/2012 12:50:03.727:304) : arch=x86_64 syscall=open success=yes exit=3 a0=7f2bcf7abdec a1=0 a2=1b6 a3=0 items=1 ppid=1585 pid=3610 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=4294967295 comm=hostid exe=/usr/bin/hostid key=(null) any ideas?

    Read the article

  • Logging violations of rules in limits.conf

    - by PaulDaviesC
    I am trying to log the details of the programs that where failed due to the limit cap defined in the limits.conf. My initial plan was to do it using the audit system. The idea was to track the system calls related to limits in the limits.conf that where failed. However the problem with this approach is that , it is not possible to track the violations of cpu time, since that violation do not involve failure of system calls. In the case of CPU time , one thing happens is that the program which violated the cpu time will be delivered a SIGXCPU. So my question is how should I go about logging the programs that violated CPU time? Also is there any limits.conf specific logs available?

    Read the article

  • How can I see which applications have accessed a certain file within a given time period on Linux?

    - by Nikolaidis Fotis
    Is it possible on Linux to find out which applications have accessed a certain file in the last 24 hours? I've come with a few possible solutions: Watch lsof. It works, but it's constrained to watch's granularity. inotify sounds good... but no information of the application accessing the file is provided. auditd may be useful, but I haven't checked that yet. What ways can I see which applications have accessed a certain file within a given time period?

    Read the article

  • linux audit - exclude a process that updates the time

    - by user185704
    I have set my auditd rules to log when the system time is changed However, our servers are VMs and thus have problems with the time drifting out. We needed to solve this issue so we used a VMware tool to regularly synchronize the time. My problem now is that my audit logs are overwhelmed with time change entries like this: Jun 1 15:08:39 ***** audispd: node=****** type=SYSCALL msg=audit(1338559719.053:344291): arch=c000003e syscall=159 success=yes exit=5 a0=7ffff2084050 a1=0 a2=144b a3=485449575f4c4c55 items=0 ppid=1 pid=1348 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="vmtoolsd" exe="/usr/lib/vmware-tools/bin64/appLoader" key="time_change" How can I exclude this vmware tool from the audit, but still capture a user changing the time? Here are my current audit rules to capture time changes: -a always,exit -F arch=b32 -S adjtimex -S settimeofday -k time_change -a always,exit -F arch=b32 -S clock_settime -k time_change

    Read the article

  • central log-server with auditdisp

    - by johan
    I want to setup a central log-server. The log-server is running with debian 6.0.6 and the audit daemon is installed in version 1.7.13-1. The Clients are running with Red Hat 5.5 and they connect to the log-server via audispd. The connection works fine and i get all messages from each node. My questions is: is it possible that the auditd daemon from the log server write the messages from each node in a separate file? I try to transfer the messages via the syslog daemon, that works but i can not use tools like ausearch to analyze these log-files.

    Read the article

  • New CentOS/cPanel servers showing high load averages at idle

    - by Jax
    I have taken delivery of two identically specced CentOS/cPanel servers, showing the same behaviour of a resting load average of 1.30, 1.21, 1.16 and yet the CPU is sitting 100% idle. Hardware: Xeon(R) CPU E3-1270 4GB RAM Behavior:- top shows CPU 99.9% idle virtually no disk IO Some command output :- uname -a Linux server.myserver.com 2.6.18-308.4.1.el5PAE #1 SMP Tue Apr 17 17:47:38 EDT 2012 i686 i686 i386 GNU/Linux top top - 10:37:50 up 1:47, 1 user, load average: 1.28, 1.20, 1.17 Tasks: 199 total, 1 running, 198 sleeping, 0 stopped, 0 zombie Cpu(s): 0.0%us, 0.0%sy, 0.0%ni, 99.9%id, 0.1%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 4125104k total, 438764k used, 3686340k free, 25788k buffers Swap: 2096440k total, 0k used, 2096440k free, 291080k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 1 root 15 0 2160 640 552 S 0.0 0.0 0:00.89 init 2 root RT -5 0 0 0 S 0.0 0.0 0:00.00 migration/0 3 root 34 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/0 4 root RT -5 0 0 0 S 0.0 0.0 0:00.00 watchdog/0 5 root RT -5 0 0 0 S 0.0 0.0 0:00.00 migration/1 6 root 34 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/1 7 root RT -5 0 0 0 S 0.0 0.0 0:00.00 watchdog/1 8 root RT -5 0 0 0 S 0.0 0.0 0:00.00 migration/2 9 root 35 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/2 10 root RT -5 0 0 0 S 0.0 0.0 0:00.00 watchdog/2 11 root RT -5 0 0 0 S 0.0 0.0 0:00.00 migration/3 12 root 34 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/3 13 root RT -5 0 0 0 S 0.0 0.0 0:00.00 watchdog/3 14 root RT -5 0 0 0 S 0.0 0.0 0:00.00 migration/4 15 root 34 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/4 16 root RT -5 0 0 0 S 0.0 0.0 0:00.00 watchdog/4 17 root RT -5 0 0 0 S 0.0 0.0 0:00.00 migration/5 18 root 38 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/5 19 root RT -5 0 0 0 S 0.0 0.0 0:00.00 watchdog/5 20 root RT -5 0 0 0 S 0.0 0.0 0:00.00 migration/6 21 root 34 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/6 22 root RT -5 0 0 0 S 0.0 0.0 0:00.00 watchdog/6 23 root RT -5 0 0 0 S 0.0 0.0 0:00.00 migration/7 24 root 34 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/7 25 root RT -5 0 0 0 S 0.0 0.0 0:00.00 watchdog/7 26 root 10 -5 0 0 0 S 0.0 0.0 0:06.42 events/0 27 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 events/1 28 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 events/2 29 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 events/3 30 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 events/4 31 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 events/5 32 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 events/6 33 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 events/7 34 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 khelper 35 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 kthread 45 root 13 -5 0 0 0 S 0.0 0.0 0:00.00 kblockd/0 46 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 kblockd/1 47 root 14 -5 0 0 0 S 0.0 0.0 0:00.00 kblockd/2 48 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 kblockd/3 49 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 kblockd/4 50 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 kblockd/5 51 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 kblockd/6 52 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 kblockd/7 53 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 kacpid 189 root 11 -5 0 0 0 S 0.0 0.0 0:00.00 cqueue/0 190 root 11 -5 0 0 0 S 0.0 0.0 0:00.00 cqueue/1 191 root 12 -5 0 0 0 S 0.0 0.0 0:00.00 cqueue/2 192 root 12 -5 0 0 0 S 0.0 0.0 0:00.00 cqueue/3 193 root 13 -5 0 0 0 S 0.0 0.0 0:00.00 cqueue/4 194 root 13 -5 0 0 0 S 0.0 0.0 0:00.00 cqueue/5 195 root 14 -5 0 0 0 S 0.0 0.0 0:00.00 cqueue/6 196 root 14 -5 0 0 0 S 0.0 0.0 0:00.00 cqueue/7 199 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 khubd ps axf PID TTY STAT TIME COMMAND 1 ? Ss 0:00 init [3] 2 ? S< 0:00 [migration/0] 3 ? SN 0:00 [ksoftirqd/0] 4 ? S< 0:00 [watchdog/0] 5 ? S< 0:00 [migration/1] 6 ? SN 0:00 [ksoftirqd/1] 7 ? S< 0:00 [watchdog/1] 8 ? S< 0:00 [migration/2] 9 ? SN 0:00 [ksoftirqd/2] 10 ? S< 0:00 [watchdog/2] 11 ? S< 0:00 [migration/3] 12 ? SN 0:00 [ksoftirqd/3] 13 ? S< 0:00 [watchdog/3] 14 ? S< 0:00 [migration/4] 15 ? SN 0:00 [ksoftirqd/4] 16 ? S< 0:00 [watchdog/4] 17 ? S< 0:00 [migration/5] 18 ? SN 0:00 [ksoftirqd/5] 19 ? S< 0:00 [watchdog/5] 20 ? S< 0:00 [migration/6] 21 ? SN 0:00 [ksoftirqd/6] 22 ? S< 0:00 [watchdog/6] 23 ? S< 0:00 [migration/7] 24 ? SN 0:00 [ksoftirqd/7] 25 ? S< 0:00 [watchdog/7] 26 ? S< 0:06 [events/0] 27 ? S< 0:00 [events/1] 28 ? S< 0:00 [events/2] 29 ? S< 0:00 [events/3] 30 ? S< 0:00 [events/4] 31 ? S< 0:00 [events/5] 32 ? S< 0:00 [events/6] 33 ? S< 0:00 [events/7] 34 ? S< 0:00 [khelper] 35 ? S< 0:00 [kthread] 45 ? S< 0:00 \_ [kblockd/0] 46 ? S< 0:00 \_ [kblockd/1] 47 ? S< 0:00 \_ [kblockd/2] 48 ? S< 0:00 \_ [kblockd/3] 49 ? S< 0:00 \_ [kblockd/4] 50 ? S< 0:00 \_ [kblockd/5] 51 ? S< 0:00 \_ [kblockd/6] 52 ? S< 0:00 \_ [kblockd/7] 53 ? S< 0:00 \_ [kacpid] 189 ? S< 0:00 \_ [cqueue/0] 190 ? S< 0:00 \_ [cqueue/1] 191 ? S< 0:00 \_ [cqueue/2] 192 ? S< 0:00 \_ [cqueue/3] 193 ? S< 0:00 \_ [cqueue/4] 194 ? S< 0:00 \_ [cqueue/5] 195 ? S< 0:00 \_ [cqueue/6] 196 ? S< 0:00 \_ [cqueue/7] 199 ? S< 0:00 \_ [khubd] 201 ? S< 0:00 \_ [kseriod] 301 ? S 0:00 \_ [khungtaskd] 302 ? S 0:00 \_ [pdflush] 303 ? S 0:00 \_ [pdflush] 304 ? S< 0:00 \_ [kswapd0] 305 ? S< 0:00 \_ [aio/0] 306 ? S< 0:00 \_ [aio/1] 307 ? S< 0:00 \_ [aio/2] 308 ? S< 0:00 \_ [aio/3] 309 ? S< 0:00 \_ [aio/4] 310 ? S< 0:00 \_ [aio/5] 311 ? S< 0:00 \_ [aio/6] 312 ? S< 0:00 \_ [aio/7] 472 ? S< 0:00 \_ [kpsmoused] 551 ? S< 0:00 \_ [ata/0] 552 ? S< 0:00 \_ [ata/1] 553 ? S< 0:00 \_ [ata/2] 554 ? S< 0:00 \_ [ata/3] 555 ? S< 0:00 \_ [ata/4] 556 ? S< 0:00 \_ [ata/5] 557 ? S< 0:00 \_ [ata/6] 558 ? S< 0:00 \_ [ata/7] 559 ? S< 0:00 \_ [ata_aux] 569 ? S< 0:00 \_ [scsi_eh_0] 570 ? S< 0:00 \_ [scsi_eh_1] 571 ? S< 0:00 \_ [scsi_eh_2] 572 ? S< 0:00 \_ [scsi_eh_3] 573 ? S< 0:00 \_ [scsi_eh_4] 574 ? S< 0:00 \_ [scsi_eh_5] 593 ? S< 0:00 \_ [kstriped] 630 ? S< 0:00 \_ [kjournald] 655 ? S< 0:00 \_ [kauditd] 1860 ? S< 0:00 \_ [kmpathd/0] 1861 ? S< 0:00 \_ [kmpathd/1] 1862 ? S< 0:00 \_ [kmpathd/2] 1863 ? S< 0:00 \_ [kmpathd/3] 1864 ? S< 0:00 \_ [kmpathd/4] 1865 ? S< 0:00 \_ [kmpathd/5] 1866 ? S< 0:00 \_ [kmpathd/6] 1867 ? S< 0:00 \_ [kmpathd/7] 1868 ? S< 0:00 \_ [kmpath_handlerd] 1902 ? S< 0:00 \_ [kjournald] 1904 ? S< 0:00 \_ [kjournald] 1906 ? S< 0:00 \_ [kjournald] 1908 ? S< 0:00 \_ [kjournald] 1910 ? S< 0:00 \_ [kjournald] 2184 ? S< 0:00 \_ [iscsi_eh] 2288 ? S< 0:00 \_ [cnic_wq] 2298 ? S< 0:00 \_ [bnx2i_thread/0] 2299 ? S< 0:00 \_ [bnx2i_thread/1] 2300 ? S< 0:00 \_ [bnx2i_thread/2] 2301 ? S< 0:00 \_ [bnx2i_thread/3] 2302 ? S< 0:00 \_ [bnx2i_thread/4] 2303 ? S< 0:00 \_ [bnx2i_thread/5] 2304 ? S< 0:00 \_ [bnx2i_thread/6] 2305 ? S< 0:00 \_ [bnx2i_thread/7] 2330 ? S< 0:00 \_ [ib_addr] 2359 ? S< 0:00 \_ [ib_mcast] 2360 ? S< 0:00 \_ [ib_inform] 2361 ? S< 0:00 \_ [local_sa] 2371 ? S< 0:00 \_ [iw_cm_wq] 2381 ? S< 0:00 \_ [ib_cm/0] 2382 ? S< 0:00 \_ [ib_cm/1] 2383 ? S< 0:00 \_ [ib_cm/2] 2384 ? S< 0:00 \_ [ib_cm/3] 2385 ? S< 0:00 \_ [ib_cm/4] 2386 ? S< 0:00 \_ [ib_cm/5] 2387 ? S< 0:00 \_ [ib_cm/6] 2388 ? S< 0:00 \_ [ib_cm/7] 2398 ? S< 0:00 \_ [rdma_cm] 2684 ? S< 0:00 \_ [bond0] 2882 ? S< 0:00 \_ [bond1] 3195 ? S< 0:00 \_ [kondemand/0] 3197 ? S< 0:00 \_ [kondemand/1] 3198 ? S< 0:00 \_ [kondemand/2] 3199 ? S< 0:00 \_ [kondemand/3] 3200 ? S< 0:00 \_ [kondemand/4] 3201 ? S< 0:00 \_ [kondemand/5] 3202 ? S< 0:00 \_ [kondemand/6] 3203 ? S< 0:00 \_ [kondemand/7] 688 ? S<s 0:00 /sbin/udevd -d 2425 ? S<Lsl 0:00 iscsiuio 2432 ? Ss 0:00 iscsid 2434 ? S<Ls 0:00 iscsid 3061 ? S<sl 0:00 auditd 3063 ? S<sl 0:00 \_ /sbin/audispd 3121 ? Ss 0:00 syslogd -m 0 3124 ? Ss 0:00 klogd -x 3220 ? Ss 0:00 irqbalance 3278 ? Ss 0:00 dbus-daemon --system 3324 ? Ss 0:00 /usr/sbin/acpid 3337 ? Ss 0:00 hald 3338 ? S 0:00 \_ hald-runner 3345 ? S 0:00 \_ hald-addon-acpi: listening on acpid socket /var/run/acpid.socket 3349 ? S 0:00 \_ hald-addon-keyboard: listening on /dev/input/event1 3360 ? S 0:00 \_ hald-addon-storage: polling /dev/sr0 3413 ? Ssl 0:00 automount 3435 ? Ssl 0:00 /usr/sbin/named -u named 3466 ? Ss 0:00 /usr/sbin/sshd 4072 ? Ss 0:00 \_ sshd: root@pts/0 4078 pts/0 Ss 0:00 \_ -bash 5436 pts/0 R+ 0:00 \_ ps axf 3484 ? Ss 0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid 3500 ? SLs 0:00 ntpd -u ntp:ntp -p /var/run/ntpd.pid -g 3514 ? S 0:00 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --pid-file=/var/lib/mysql/server.myserver.com.pid 3575 ? Sl 0:00 \_ /usr/sbin/mysqld --basedir=/ --datadir=/var/lib/mysql --user=mysql --log-error=/var/lib/mysql/server.myserver.com.err --pid-fil 3687 ? Ss 0:00 /usr/sbin/exim -bd -q1h 3709 ? Ss 0:00 /usr/sbin/dovecot 3710 ? S 0:00 \_ dovecot-auth 3725 ? S 0:00 \_ pop3-login 3726 ? S 0:00 \_ pop3-login 3727 ? S 0:00 \_ imap-login 3728 ? S 0:00 \_ imap-login 3729 ? Ss 0:00 /usr/local/apache/bin/httpd -k start -DSSL 4326 ? S 0:00 \_ /usr/bin/perl /usr/local/cpanel/bin/leechprotect 4332 ? S 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL 4333 ? S 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL 4334 ? S 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL 4335 ? S 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL 4336 ? S 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL 4337 ? S 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL 4382 ? S 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL 4383 ? S 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL 4384 ? S 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL 5389 ? S 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL 5390 ? S 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL 3741 ? Ss 0:00 pure-ftpd (SERVER) 3746 ? S 0:00 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/sbin/pureauth 3759 ? Ss 0:00 crond 3772 ? Ss 0:00 /usr/sbin/atd 3909 ? S 0:00 cpsrvd (SSL) - waiting for connections 5435 ? Z 0:00 \_ [cpsrvd-ssl] <defunct> 3931 ? S 0:00 queueprocd - wait to process a task 3948 ? S 0:00 tailwatchd 3954 ? SN 0:00 cpanellogd - sleeping for logs 4003 ? Ss 0:00 ./nimbus /opt/nimsoft 4016 ? S 0:00 \_ nimbus(controller) 4053 ? Sl 0:00 \_ nimbus(spooler) 4066 ? S 0:00 \_ nimbus(hdb) 4069 ? S 0:00 \_ nimbus(cdm) 4070 ? S 0:00 \_ nimbus(processes) 4023 ? S 0:00 /usr/sbin/smartd -q never 4027 tty1 Ss+ 0:00 /sbin/mingetty tty1 4028 tty2 Ss+ 0:00 /sbin/mingetty tty2 4029 tty3 Ss+ 0:00 /sbin/mingetty tty3 4030 tty4 Ss+ 0:00 /sbin/mingetty tty4 4031 tty5 Ss+ 0:00 /sbin/mingetty tty5 4033 tty6 Ss+ 0:00 /sbin/mingetty tty6 4035 ttyS1 Ss+ 0:00 /sbin/agetty -h -L ttyS1 19200 vt100 vmstat 10 6 procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------ r b swpd free buff cache si so bi bo in cs us sy id wa st 0 0 0 3718136 25684 257424 0 0 8 3 127 189 0 0 100 0 0 0 0 0 3718136 25700 257420 0 0 0 7 1013 1500 0 0 100 0 0 0 0 0 3718136 25700 257424 0 0 0 1 1013 1551 0 0 100 0 0 0 0 0 3718136 25700 257424 0 0 0 0 1012 1469 0 0 100 0 0 1 0 0 3712680 25716 257424 0 0 0 2 1013 1542 0 0 100 0 0 0 0 0 3718376 25740 257424 0 0 0 46 1017 1534 0 0 100 0 0 Can anyone advise me as to what is the cause of and how I may resolve this behaviour? A kernel/driver conflict perhaps? I don't see any processes in R or D state that might inflate the load averages artificially, I realise it may be considered low in an 8 thread system but its higher at idle than any normal behaviour I've previously come across. Thanks in advance for your time. Edit: iotop Total DISK READ: 0.00 B/s | Total DISK WRITE: 0.00 B/s TID PRIO USER DISK READ DISK WRITE SWAPIN IO> COMMAND 26 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.29 % [events/0] 3205 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.10 % [kondemand/2] 3208 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kondemand/5] 3209 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kondemand/6] 3207 be/3 root 0.00 B/s 0.00 B/s 0.10 % 0.00 % [kondemand/4] 3210 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kondemand/7] 3227 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % irqbalance 3288 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [rpciod/1] 3287 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [rpciod/0] 3206 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kondemand/3] 3069 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % auditd 3070 be/2 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % audispd 655 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kauditd] 3619 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % automount 3 be/7 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [ksoftirqd/0] 3068 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % auditd 29 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [events/3] 4 rt/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [watchdog/0] 7 rt/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [watchdog/1] 10 rt/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [watchdog/2] 13 rt/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [watchdog/3] 16 rt/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [watchdog/4] 19 rt/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [watchdog/5] 22 rt/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [watchdog/6] 25 rt/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [watchdog/7] 27 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [events/1] 28 be/3 root 0.00 B/s 0.00 B/s 0.29 % 0.00 % [events/2] 30 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [events/4] 31 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [events/5] 32 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [events/6] 33 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [events/7] 34 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [khelper] 35 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kthread] 45 be/3 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kblockd/0]

    Read the article

  • Random Server shutdown? - CentOS

    - by Kevin Hammett
    My system was working fine, and then it just had a random restart. Anyone have any idea of the problem? The message log: Jul 6 22:56:34 909I7 shutdown[719711]: shutting down for system halt Jul 6 22:56:34 909I7 init: Switching to runlevel: 0 Jul 6 22:56:35 909I7 smartd[10743]: smartd received signal 15: Terminated Jul 6 22:56:35 909I7 smartd[10743]: smartd is exiting (exit status 0) Jul 6 22:56:42 909I7 hcid[8749]: Got disconnected from the system message bus Jul 6 22:56:42 909I7 auditd[8430]: The audit daemon is exiting. Jul 6 22:56:42 909I7 kernel: audit(1341640602.922:344412): audit_pid=0 old=8430 by auid$ Jul 6 22:56:43 909I7 pcscd: pcscdaemon.c:572:signal_trap() Preparing for suicide Jul 6 22:56:43 909I7 pcscd: hotplug_libusb.c:376:HPRescanUsbBus() Hotplug stopped Jul 6 22:56:44 909I7 pcscd: readerfactory.c:1379:RFCleanupReaders() entering cleaning f$ Jul 6 22:56:44 909I7 pcscd: pcscdaemon.c:532:at_exit() cleaning /var/run Jul 6 22:56:44 909I7 kernel: Kernel logging (proc) stopped. Jul 6 22:56:44 909I7 kernel: Kernel log daemon terminating. Jul 6 22:56:45 909I7 exiting on signal 15

    Read the article

  • Kernel Logging disabled?

    - by Tiffany Walker
    uname -a Linux host 2.6.32-279.9.1.el6.i686 #1 SMP Tue Sep 25 20:26:47 UTC 2012 i686 i686 i386 GNU/Linux And start ups: ls /etc/init.d/ abrt-ccpp certmonger dovecot irqbalance matahari-broker mdmonitor nfs proftpd rpcbind single ypbind abrtd cgconfig functions kdump matahari-host messagebus nfslock psacct rpcgssd smartd abrt-oops cgred haldaemon killall matahari-network mysqld ntpd qpidd rpcidmapd sshd acpid cpuspeed halt ktune matahari-rpc named ntpdate quota_nld rpcsvcgssd sssd atd crond httpd lfd ma tahari-service netconsole oddjobd rdisc rsyslog sysstat auditd csf ip6tables lvm2-lvmetad matahari-sysconfig netfs portreserve restorecond sandbox tuned autofs cups iptables lvm2-monitor matahari-sysconfig-console network postfix rngd saslauthd udev-post But when I installed CSF/LFD I am getting nothing. LFD does not create lfd.log and nor are any blocks being logged in /var/log/messages either from the firewall. This is not natural. I looked for klogd but maybe I am looking in the wrong place for it to see if it is enabled? ls /etc/init.d/syslog ls: cannot access /etc/init.d/syslog: No such file or directory Also noticed no syslog? Also noticed this: csf -d 84.113.21.201 Adding 84.113.21.201 to csf.deny and iptables DROP... iptables: No chain/target/match by that name. iptables: No chain/target/match by that name. I've never seen this before and this is a dedicated box. Also: ./csftest.pl Testing ip_tables/iptable_filter...OK Testing ipt_LOG...OK Testing ipt_multiport/xt_multiport...OK Testing ipt_REJECT...OK Testing ipt_state/xt_state...OK Testing ipt_limit/xt_limit...OK Testing ipt_recent...OK Testing xt_connlimit...OK Testing ipt_owner/xt_owner...OK Testing iptable_nat/ipt_REDIRECT...OK Testing iptable_nat/ipt_DNAT...OK RESULT: csf should function on this server iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination

    Read the article

  • What program sent which packet to the network [closed]

    - by Erik Johansson
    I would like to have a tcpdump like program that shows which program sent a specific packet, instead of just getting the port number. This is a generic problem I've had on and off sometimes when you have and old tcpdump file lying around you have no way to find what program was sending that data.. The solution in how i can identify which process is making UDP traffic on linux ? is an indication that I can solve this with auditd, dTrace, OProfile or SystemTap, but doesn't show how to do it. I.e. it doesn't show the source port of the program calling bind().. The problem I had was strange UDP packets, and since those ports are so short lived it took me a while to solve this issue. I solved this by running an ugly hack similar to: while true; date +%s.%N;netstat -panut;done So either a method better than this hack, a replacement for tcpdump, or some way to get this info from the kernel so I can patch tcpdump. EDIT: This was asked on superuser "tracking what programs sends to net", no good solution though.

    Read the article

  • task blocked for more than

    - by Manuel Sopena Ballesteros
    I have a webserver with the configuration below: VMWare ESXi environemt CPanel installed CentOS release 6.5 (Final) 4 CPUs 2G RAM 2x VM disks 100G each LVM system My issue is I am getting kernel panic quite frequently. These is a list of some processes blocked I could see from the console: mysqld queueprocd httpd suphp vmtoolsd loop0 auditd this is my sar logs Linux 2.6.32-431.3.1.el6.x86_64 (test01) 08/22/2014 _x86_64_ (4 CPU) 12:00:01 AM CPU %user %nice %system %iowait %steal %idle 12:10:01 AM all 26.86 0.01 0.98 0.57 0.00 71.57 12:20:01 AM all 1.78 0.02 1.03 0.08 0.00 97.09 12:30:01 AM all 26.34 0.02 0.85 0.05 0.00 72.74 12:40:01 AM all 27.12 0.01 1.11 1.22 0.00 70.54 12:50:01 AM all 1.59 0.02 0.94 0.13 0.00 97.32 01:00:01 AM all 26.10 0.01 0.77 0.04 0.00 73.07 01:10:01 AM all 27.51 0.01 1.16 0.14 0.00 71.18 01:20:01 AM all 1.80 0.07 1.06 0.08 0.00 96.99 01:30:01 AM all 26.19 0.01 0.78 0.05 0.00 72.96 01:40:01 AM all 26.62 0.02 0.87 0.05 0.00 72.45 01:50:02 AM all 1.35 0.01 0.87 0.02 0.00 97.75 02:00:01 AM all 26.11 0.02 0.69 0.02 0.00 73.17 02:10:01 AM all 26.73 0.02 0.89 0.14 0.00 72.21 02:20:01 AM all 1.45 0.01 0.92 0.04 0.00 97.58 02:30:01 AM all 26.59 0.01 1.06 0.03 0.00 72.31 02:40:01 AM all 26.27 0.01 0.72 0.05 0.00 72.95 02:50:01 AM all 0.86 0.01 0.50 0.09 0.00 98.53 03:00:01 AM all 25.61 0.02 0.39 0.03 0.00 73.96 03:10:01 AM all 26.30 0.08 0.66 0.14 0.00 72.82 03:20:01 AM all 0.81 0.01 0.51 0.04 0.00 98.63 03:30:02 AM all 26.15 0.02 0.53 0.07 0.00 73.24 03:40:01 AM all 26.06 0.01 0.47 0.04 0.00 73.42 03:50:01 AM all 0.96 0.02 0.51 0.03 0.00 98.48 Average: all 17.69 0.02 0.79 0.14 0.00 81.36 06:58:14 AM LINUX RESTART 07:00:01 AM CPU %user %nice %system %iowait %steal %idle 07:10:01 AM all 1.04 0.02 0.57 0.95 0.00 97.42 07:20:02 AM all 0.66 0.01 0.39 0.06 0.00 98.87 07:30:01 AM all 25.71 0.01 0.45 0.16 0.00 73.67 07:40:01 AM all 25.88 0.01 0.35 0.08 0.00 73.68 As you can see the server became unresponsive at 03.50 AM and I had to reset the VM at 06.58 AM to fix it. dmesg does not show any relevant information. I don't see any bottleneck in sar, any idea what can I check next? thank you very much

    Read the article

  • kernel panic after LVM setup

    - by Manuel Sopena Ballesteros
    I broke my webserver... My setup is: VMWare ESXi environemt CPanel installed CentOS release 6.5 (Final) 4 CPUs 2G RAM 2x VM disks 100G each LVM system This was my previous storage settings (the server was working fine at this time): # df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/vg_test01-lv_root 95G 1.4G 88G 2% / tmpfs 939M 0 939M 0% /dev/shm /dev/sdb1 99G 188M 94G 1% /tmp /dev/sda1 485M 54M 407M 12% /boot My web developer asked me to merge /tmp and / disks so this is what I did: Delete /dev/sdb1 partition using fdisk Create a new partition as LVM on /dev/sdb1 using fdisk Create a new physical volume -- pvcreate /dev/sdb1 Extend volume group -- vgextend /dev/sdb1 vg_test01 Extend logical volume -- lvextend -l +100%FREE /dev/vg_test01/lv_root Resize filesystem -- resize2fs /dev/vg_test01/lv_root This is the new configuration: # df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/vg_test01-lv_root 213G 105G 97G 52% / tmpfs 939M 0 939M 0% /dev/shm /dev/sda1 485M 54M 407M 12% /boot /usr/tmpDSK 4.0G 145M 3.6G 4% /tmp Since I have the new settings my web server is throwing kernel panics quite often (around every 2 days). The message says: INFO: task <taskName>:<pid> blocked for more than 120 seconds. The list of process affected that I can see from the console are: mysqld queueprocd httpd suphp vmtoolsd loop0 auditd The only way I can fix this is reseting (cold reboot) the VM. I don't think it is a hardware issue as sar is not showing any bottleneck: Linux 2.6.32-431.3.1.el6.x86_64 (test01) 08/22/2014 _x86_64_ (4 CPU) 12:00:01 AM CPU %user %nice %system %iowait %steal %idle 12:10:01 AM all 26.86 0.01 0.98 0.57 0.00 71.57 12:20:01 AM all 1.78 0.02 1.03 0.08 0.00 97.09 12:30:01 AM all 26.34 0.02 0.85 0.05 0.00 72.74 12:40:01 AM all 27.12 0.01 1.11 1.22 0.00 70.54 12:50:01 AM all 1.59 0.02 0.94 0.13 0.00 97.32 01:00:01 AM all 26.10 0.01 0.77 0.04 0.00 73.07 01:10:01 AM all 27.51 0.01 1.16 0.14 0.00 71.18 01:20:01 AM all 1.80 0.07 1.06 0.08 0.00 96.99 01:30:01 AM all 26.19 0.01 0.78 0.05 0.00 72.96 01:40:01 AM all 26.62 0.02 0.87 0.05 0.00 72.45 01:50:02 AM all 1.35 0.01 0.87 0.02 0.00 97.75 02:00:01 AM all 26.11 0.02 0.69 0.02 0.00 73.17 02:10:01 AM all 26.73 0.02 0.89 0.14 0.00 72.21 02:20:01 AM all 1.45 0.01 0.92 0.04 0.00 97.58 02:30:01 AM all 26.59 0.01 1.06 0.03 0.00 72.31 02:40:01 AM all 26.27 0.01 0.72 0.05 0.00 72.95 02:50:01 AM all 0.86 0.01 0.50 0.09 0.00 98.53 03:00:01 AM all 25.61 0.02 0.39 0.03 0.00 73.96 03:10:01 AM all 26.30 0.08 0.66 0.14 0.00 72.82 03:20:01 AM all 0.81 0.01 0.51 0.04 0.00 98.63 03:30:02 AM all 26.15 0.02 0.53 0.07 0.00 73.24 03:40:01 AM all 26.06 0.01 0.47 0.04 0.00 73.42 03:50:01 AM all 0.96 0.02 0.51 0.03 0.00 98.48 Average: all 17.69 0.02 0.79 0.14 0.00 81.36 06:58:14 AM LINUX RESTART 07:00:01 AM CPU %user %nice %system %iowait %steal %idle 07:10:01 AM all 1.04 0.02 0.57 0.95 0.00 97.42 07:20:02 AM all 0.66 0.01 0.39 0.06 0.00 98.87 07:30:01 AM all 25.71 0.01 0.45 0.16 0.00 73.67 07:40:01 AM all 25.88 0.01 0.35 0.08 0.00 73.68 07:50:01 AM all 1.13 0.02 0.55 0.11 0.00 98.19 As you can see the server became unresponsive at 03.50 AM and I had to reset the VM at 06.58 AM to bring the website up again. I would appreciate any help/assistance to fix this issue. thank you very much

    Read the article

  • I need to understand why my server turned off

    - by Dema
    Our organization was robbed and definitely it was inside job. I was set up. I work as a manager and as system administrator in this organization and everything goes against me. The only clue I have is that someone accidentally or intentionally turned of a server that is in the office indicating that some one was inside at the time that no one should be. This is the only evidence I have that can justify me.  I looked the log files and they show that the Power button was pressed. Can you help me to find out that that was not a bug or systems overheat? I will post the log files and if you will ask more I will gladly provide the information. Messages: Dec 24 21:43:14 jamx shutdown[27883]: shutting down for system halt Dec 24 21:43:15 jamx init: Switching to runlevel: 0 Dec 24 21:43:15 jamx smartd[3047]: smartd received signal 15: Terminated Dec 24 21:43:15 jamx smartd[3047]: smartd is exiting (exit status 0) Dec 24 21:43:15 jamx avahi-daemon[3015]: Got SIGTERM, quitting. Dec 24 21:43:15 jamx avahi-daemon[3015]: Leaving mDNS multicast group on interface eth0.IPv6 with address fe80::221:85ff:fe11:8221. Dec 24 21:43:15 jamx avahi-daemon[3015]: Leaving mDNS multicast group on interface eth0.IPv4 with address 82.207.41.239. Dec 24 21:43:15 jamx shutdown[27962]: shutting down for system halt Dec 24 21:43:15 jamx saslauthd[2983]: server_exit     : master exited: 2983 Dec 24 21:43:29 jamx nmbd[2921]: [2010/12/24 21:43:29, 0] nmbd/nmbd.c:terminate(58) Dec 24 21:43:29 jamx nmbd[2921]:   Got SIGTERM: going down... Dec 24 21:43:31 jamx clamd[2526]: Pid file removed. Dec 24 21:43:31 jamx clamd[2526]: --- Stopped at Fri Dec 24 21:43:31 2010 Dec 24 21:43:31 jamx clamd[2526]: Socket file removed. Dec 24 21:43:31 jamx mydns[2645]: jamx.org.ua up 9h44m48s (35088s) 117 questions (0/s) NOERROR=117 SERVFAIL=0 NXDOMAIN=0 NOTIMP=0 REFUSED=0 (100% TCP, 117 queries) Dec 24 21:43:31 jamx mydns[2645]: terminated Dec 24 21:43:34 jamx ntpd[2512]: ntpd exiting on signal 15 Dec 24 21:43:34 jamx hcid[2265]: Got disconnected from the system message bus Dec 24 21:43:35 jamx rpc.statd[2167]: Caught signal 15, un-registering and exiting. Dec 24 21:43:35 jamx portmap[28473]: connect from 127.0.0.1 to unset(status): request from unprivileged port Dec 24 21:43:35 jamx auditd[2021]: The audit daemon is exiting. Dec 24 21:43:35 jamx kernel: audit(1293219815.505:4044): audit_pid=0 old=2021 by auid=4294967295 Dec 24 21:43:35 jamx pcscd: pcscdaemon.c:572:signal_trap() Preparing for suicide Dec 24 21:43:36 jamx pcscd: hotplug_libusb.c:376:HPRescanUsbBus() Hotplug stopped Dec 24 21:43:36 jamx pcscd: readerfactory.c:1379:RFCleanupReaders() entering cleaning function Dec 24 21:43:36 jamx pcscd: pcscdaemon.c:532:at_exit() cleaning /var/run Dec 24 21:43:36 jamx kernel: Kernel logging (proc) stopped. Dec 24 21:43:36 jamx kernel: Kernel log daemon terminating. Dec 24 21:43:37 jamx exiting on signal 15 Acpid: [Fri Dec 24 21:43:14 2010] received event "button/power PWRF 00000080 00000001" [Fri Dec 24 21:43:14 2010] notifying client 2382[68:68] [Fri Dec 24 21:43:14 2010] executing action "/bin/ps awwux | /bin/grep gnome-power-manager | /bin/grep -qv grep || /sbin/shutdown -h now" [Fri Dec 24 21:43:14 2010] BEGIN HANDLER MESSAGES [Fri Dec 24 21:43:15 2010] END HANDLER MESSAGES [Fri Dec 24 21:43:15 2010] action exited with status 0 [Fri Dec 24 21:43:15 2010] completed event "button/power PWRF 00000080 00000001" [Fri Dec 24 21:43:15 2010] received event "button/power PWRF 00000080 00000002" [Fri Dec 24 21:43:15 2010] notifying client 2382[68:68] [Fri Dec 24 21:43:15 2010] executing action "/bin/ps awwux | /bin/grep gnome-power-manager | /bin/grep -qv grep || /sbin/shutdown -h now" [Fri Dec 24 21:43:15 2010] BEGIN HANDLER MESSAGES [Fri Dec 24 21:43:15 2010] END HANDLER MESSAGES [Fri Dec 24 21:43:15 2010] action exited with status 0 [Fri Dec 24 21:43:15 2010] completed event "button/power PWRF 00000080 00000002" [Fri Dec 24 21:43:34 2010] exiting

    Read the article

  • Frequent Kernel Panic on CentOS 6.5

    - by Manuel Sopena Ballesteros
    I have a webserver with the configuration below: VMWare ESXi environemt CPanel installed CentOS release 6.5 (Final) 4 CPUs 2G RAM 2x VM disks 100G each LVM system My issue is I am getting kernel panic quite frequently. These is a list of some processes blocked I could see from the console: mysqld queueprocd httpd suphp vmtoolsd loop0 auditd this is my sar logs Linux 2.6.32-431.3.1.el6.x86_64 (test01) 08/22/2014 _x86_64_ (4 CPU) 12:00:01 AM CPU %user %nice %system %iowait %steal %idle 12:10:01 AM all 26.86 0.01 0.98 0.57 0.00 71.57 12:20:01 AM all 1.78 0.02 1.03 0.08 0.00 97.09 12:30:01 AM all 26.34 0.02 0.85 0.05 0.00 72.74 12:40:01 AM all 27.12 0.01 1.11 1.22 0.00 70.54 12:50:01 AM all 1.59 0.02 0.94 0.13 0.00 97.32 01:00:01 AM all 26.10 0.01 0.77 0.04 0.00 73.07 01:10:01 AM all 27.51 0.01 1.16 0.14 0.00 71.18 01:20:01 AM all 1.80 0.07 1.06 0.08 0.00 96.99 01:30:01 AM all 26.19 0.01 0.78 0.05 0.00 72.96 01:40:01 AM all 26.62 0.02 0.87 0.05 0.00 72.45 01:50:02 AM all 1.35 0.01 0.87 0.02 0.00 97.75 02:00:01 AM all 26.11 0.02 0.69 0.02 0.00 73.17 02:10:01 AM all 26.73 0.02 0.89 0.14 0.00 72.21 02:20:01 AM all 1.45 0.01 0.92 0.04 0.00 97.58 02:30:01 AM all 26.59 0.01 1.06 0.03 0.00 72.31 02:40:01 AM all 26.27 0.01 0.72 0.05 0.00 72.95 02:50:01 AM all 0.86 0.01 0.50 0.09 0.00 98.53 03:00:01 AM all 25.61 0.02 0.39 0.03 0.00 73.96 03:10:01 AM all 26.30 0.08 0.66 0.14 0.00 72.82 03:20:01 AM all 0.81 0.01 0.51 0.04 0.00 98.63 03:30:02 AM all 26.15 0.02 0.53 0.07 0.00 73.24 03:40:01 AM all 26.06 0.01 0.47 0.04 0.00 73.42 03:50:01 AM all 0.96 0.02 0.51 0.03 0.00 98.48 Average: all 17.69 0.02 0.79 0.14 0.00 81.36 06:58:14 AM LINUX RESTART 07:00:01 AM CPU %user %nice %system %iowait %steal %idle 07:10:01 AM all 1.04 0.02 0.57 0.95 0.00 97.42 07:20:02 AM all 0.66 0.01 0.39 0.06 0.00 98.87 07:30:01 AM all 25.71 0.01 0.45 0.16 0.00 73.67 07:40:01 AM all 25.88 0.01 0.35 0.08 0.00 73.68 As you can see the server became unresponsive at 03.50 AM and I had to reset the VM at 06.58 AM to fix it. sar -d 03:00:01 PM dev8-16 0.16 0.01 3.37 20.78 0.00 12.40 9.29 0.15 03:00:01 PM dev8-0 4.08 5.72 77.50 20.38 0.06 15.15 3.13 1.28 03:00:01 PM dev253-0 10.37 5.74 80.87 8.35 0.13 12.52 1.24 1.29 03:00:01 PM dev253-1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 03:10:01 PM dev8-16 0.27 0.17 3.17 12.22 0.00 11.49 7.95 0.22 03:10:01 PM dev8-0 6.37 18.98 136.19 24.34 0.05 7.25 2.18 1.39 03:10:01 PM dev253-0 17.91 19.15 137.94 8.77 0.13 7.11 0.78 1.41 03:10:01 PM dev253-1 0.18 0.00 1.41 8.00 0.00 9.09 0.52 0.01 03:10:01 PM DEV tps rd_sec/s wr_sec/s avgrq-sz avgqu-sz await svctm %util 03:20:01 PM dev8-16 0.17 0.23 2.04 13.39 0.00 6.07 5.29 0.09 03:20:01 PM dev8-0 3.83 18.57 78.45 25.35 0.05 13.25 2.73 1.05 03:20:01 PM dev253-0 10.30 18.80 80.49 9.64 0.14 13.89 1.03 1.06 03:20:01 PM dev253-1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 03:30:01 PM dev8-16 0.26 0.16 4.59 18.56 0.00 6.44 5.54 0.14 03:30:01 PM dev8-0 5.97 24.07 117.83 23.77 0.05 8.53 2.13 1.27 03:30:01 PM dev253-0 15.90 24.23 122.42 9.22 0.12 7.71 0.81 1.29 03:30:01 PM dev253-1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 03:40:01 PM dev8-16 0.20 0.00 2.32 11.44 0.00 8.35 5.90 0.12 03:40:01 PM dev8-0 4.39 19.58 77.94 22.24 0.06 12.87 2.12 0.93 03:40:01 PM dev253-0 10.25 19.58 80.25 9.74 0.12 11.63 0.91 0.94 03:40:01 PM dev253-1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 03:50:01 PM dev8-16 0.23 0.50 2.32 12.44 0.00 6.27 5.13 0.12 03:50:01 PM dev8-0 5.09 9.00 95.04 20.45 0.04 7.36 2.10 1.07 03:50:01 PM dev253-0 12.47 9.50 96.82 8.53 0.08 6.76 0.87 1.08 03:50:01 PM dev253-1 0.07 0.00 0.54 8.00 0.00 14.10 0.40 0.00 04:00:01 PM dev8-16 0.21 0.00 2.04 9.89 0.00 7.00 5.87 0.12 04:00:01 PM dev8-0 4.68 1.64 94.70 20.57 0.05 10.71 2.41 1.13 04:00:01 PM dev253-0 12.27 1.64 96.74 8.02 0.12 9.95 0.93 1.14 sar -q 01:00:01 AM 6 205 2.02 1.32 0.81 01:10:01 AM 3 187 0.08 0.72 0.86 01:20:01 AM 2 187 0.04 0.18 0.49 01:30:01 AM 4 205 2.04 1.34 0.82 01:40:01 AM 2 185 0.02 0.68 0.83 01:50:02 AM 1 185 0.08 0.15 0.45 02:00:01 AM 5 202 2.02 1.30 0.78 02:10:01 AM 4 185 0.11 0.72 0.84 02:20:01 AM 1 183 0.17 0.15 0.45 02:30:01 AM 5 206 2.03 1.32 0.79 02:40:01 AM 2 184 0.08 0.70 0.83 02:50:01 AM 1 183 0.00 0.10 0.43 03:00:01 AM 7 205 2.03 1.32 0.78 03:10:01 AM 2 194 0.34 0.73 0.83 03:20:01 AM 1 184 0.00 0.13 0.44 03:30:02 AM 4 201 2.04 1.32 0.78 03:40:01 AM 2 193 0.06 0.67 0.81 03:50:01 AM 1 183 0.06 0.12 0.43 Average: 3 192 0.68 0.70 0.69 06:58:14 AM LINUX RESTART 07:00:01 AM runq-sz plist-sz ldavg-1 ldavg-5 ldavg-15 07:10:01 AM 2 181 0.00 0.09 0.11 07:20:02 AM 1 179 0.00 0.00 0.04 07:30:01 AM 4 197 2.12 1.33 0.58 sar -r Linux 2.6.32-431.3.1.el6.x86_64 (test01) 08/22/2014 _x86_64_ (4 CPU) 12:00:01 AM kbmemfree kbmemused %memused kbbuffers kbcached kbcommit %commit 12:10:01 AM 227484 1694468 88.16 117444 917004 635308 10.50 12:20:01 AM 219692 1702260 88.57 119556 920540 630940 10.43 12:30:01 AM 196248 1725704 89.79 121376 923592 695048 11.49 12:40:01 AM 127524 1794428 93.36 125004 1016196 633048 10.46 12:50:01 AM 127156 1794796 93.38 128212 1014536 624992 10.33 01:00:01 AM 110764 1811188 94.24 129964 1001608 700016 11.57 01:10:01 AM 160560 1761392 91.65 132260 973472 628640 10.39 01:20:01 AM 133076 1788876 93.08 134144 982608 655524 10.83 01:30:01 AM 121512 1800440 93.68 135548 985676 700500 11.58 01:40:01 AM 140640 1781312 92.68 137220 988576 628280 10.38 01:50:02 AM 139160 1782792 92.76 138688 990672 625224 10.33 02:00:01 AM 106112 1815840 94.48 139940 993976 700360 11.57 02:10:01 AM 155400 1766552 91.91 142112 971864 625656 10.34 02:20:01 AM 154056 1767896 91.98 143732 975556 621352 10.27 02:30:01 AM 110856 1811096 94.23 145032 978288 709360 11.72 02:40:01 AM 140200 1781752 92.71 146568 980656 624872 10.33 02:50:01 AM 137600 1784352 92.84 148940 984484 621948 10.28 03:00:01 AM 105032 1816920 94.54 150208 985736 706060 11.67 03:10:01 AM 168996 1752956 91.21 154708 941500 656312 10.85 03:20:01 AM 169408 1752544 91.19 156096 944100 621780 10.28 03:30:02 AM 132360 1789592 93.11 157724 951612 701296 11.59 03:40:01 AM 159012 1762940 91.73 158940 942560 656292 10.85 03:50:01 AM 163192 1758760 91.51 160312 944576 624544 10.32 Average: 148089 1773863 92.29 140162 969973 653363 10.80 06:58:14 AM LINUX RESTART 07:00:01 AM kbmemfree kbmemused %memused kbbuffers kbcached kbcommit %commit 07:10:01 AM 1016628 905324 47.10 85568 447556 600932 9.93 07:20:02 AM 1009996 911956 47.45 87616 451200 596156 9.85 07:30:01 AM 961128 960824 49.99 89164 464332 658912 10.89 07:40:01 AM 973376 948576 49.35 90880 473084 600176 9.92 dmesg does not show any relevant information. I don't see any bottleneck in sar, any idea what can I check next? thank you very much

    Read the article

  • SElinux process killed while trying to set boolean

    - by Antonio
    I've got a strange problem. I can not allow apache to connect to database at my CentOC 6.4 box: [root@centos6 ~]# setsebool -P httpd_can_network_connect on Killed [root@centos6 ~]# sestatus -b | grep httpd_can_network_connect httpd_can_network_connect off httpd_can_network_connect_cobbler off httpd_can_network_connect_db off I watched log file, but there was no log messages: tail -f /var/log/audit/audit.log UPDATE: There are some information in /var/log/messages: Nov 9 19:07:16 vs302 kernel: setsebool invoked oom-killer: gfp_mask=0x280da, order=0, oom_adj=0, oom_score_adj=0 Nov 9 19:07:16 vs302 kernel: setsebool cpuset=/ mems_allowed=0 Nov 9 19:07:16 vs302 kernel: Pid: 1660, comm: setsebool Not tainted 2.6.32-358.23.2.el6.x86_64 #1 Nov 9 19:07:16 vs302 kernel: Call Trace: Nov 9 19:07:16 vs302 kernel: [<ffffffff810cb641>] ? cpuset_print_task_mems_allowed+0x91/0xb0 Nov 9 19:07:16 vs302 kernel: [<ffffffff8111ce40>] ? dump_header+0x90/0x1b0 Nov 9 19:07:16 vs302 kernel: [<ffffffff8111d2c2>] ? oom_kill_process+0x82/0x2a0 Nov 9 19:07:16 vs302 kernel: [<ffffffff8111d201>] ? select_bad_process+0xe1/0x120 Nov 9 19:07:16 vs302 kernel: [<ffffffff8111d700>] ? out_of_memory+0x220/0x3c0 Nov 9 19:07:16 vs302 kernel: [<ffffffff8112c3dc>] ? __alloc_pages_nodemask+0x8ac/0x8d0 Nov 9 19:07:16 vs302 kernel: [<ffffffff81160d6a>] ? alloc_pages_vma+0x9a/0x150 Nov 9 19:07:16 vs302 kernel: [<ffffffff81143f0b>] ? handle_pte_fault+0x76b/0xb50 Nov 9 19:07:16 vs302 kernel: [<ffffffff81228664>] ? task_has_capability+0xb4/0x110 Nov 9 19:07:16 vs302 kernel: [<ffffffff81004a49>] ? __raw_callee_save_xen_pmd_val+0x11/0x1e Nov 9 19:07:16 vs302 kernel: [<ffffffff8114452a>] ? handle_mm_fault+0x23a/0x310 Nov 9 19:07:16 vs302 kernel: [<ffffffff811485b6>] ? vma_adjust+0x556/0x5e0 Nov 9 19:07:16 vs302 kernel: [<ffffffff810474e9>] ? __do_page_fault+0x139/0x480 Nov 9 19:07:16 vs302 kernel: [<ffffffff81148b8a>] ? vma_merge+0x29a/0x3e0 Nov 9 19:07:16 vs302 kernel: [<ffffffff81149fdc>] ? do_brk+0x26c/0x350 Nov 9 19:07:16 vs302 kernel: [<ffffffff8100ba1d>] ? retint_restore_args+0x5/0x6 Nov 9 19:07:16 vs302 kernel: [<ffffffff81513bfe>] ? do_page_fault+0x3e/0xa0 Nov 9 19:07:16 vs302 kernel: [<ffffffff81510fb5>] ? page_fault+0x25/0x30 Nov 9 19:07:16 vs302 kernel: Mem-Info: Nov 9 19:07:16 vs302 kernel: Node 0 DMA per-cpu: Nov 9 19:07:16 vs302 kernel: CPU 0: hi: 0, btch: 1 usd: 0 Nov 9 19:07:16 vs302 kernel: Node 0 DMA32 per-cpu: Nov 9 19:07:16 vs302 kernel: CPU 0: hi: 186, btch: 31 usd: 30 Nov 9 19:07:16 vs302 kernel: active_anon:132249 inactive_anon:46 isolated_anon:0 Nov 9 19:07:16 vs302 kernel: active_file:56 inactive_file:59 isolated_file:0 Nov 9 19:07:16 vs302 kernel: unevictable:0 dirty:2 writeback:0 unstable:0 Nov 9 19:07:16 vs302 kernel: free:1369 slab_reclaimable:1774 slab_unreclaimable:11588 Nov 9 19:07:16 vs302 kernel: mapped:54 shmem:48 pagetables:1211 bounce:0 Nov 9 19:07:16 vs302 kernel: Node 0 DMA free:2440kB min:72kB low:88kB high:108kB active_anon:12156kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:14648kB mlocked:0kB dirty:0kB writeback:0kB mapped:0kB shmem:0kB slab_reclaimable:24kB slab_unreclaimable:8kB kernel_stack:0kB pagetables:16kB unstable:0kB bounce:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? yes Nov 9 19:07:16 vs302 kernel: lowmem_reserve[]: 0 590 590 590 Nov 9 19:07:16 vs302 kernel: Node 0 DMA32 free:3036kB min:3072kB low:3840kB high:4608kB active_anon:516840kB inactive_anon:184kB active_file:224kB inactive_file:236kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:604988kB mlocked:0kB dirty:8kB writeback:0kB mapped:216kB shmem:192kB slab_reclaimable:7072kB slab_unreclaimable:46344kB kernel_stack:880kB pagetables:4828kB unstable:0kB bounce:0kB writeback_tmp:0kB pages_scanned:128 all_unreclaimable? no Nov 9 19:07:16 vs302 kernel: lowmem_reserve[]: 0 0 0 0 Nov 9 19:07:16 vs302 kernel: Node 0 DMA: 0*4kB 1*8kB 0*16kB 0*32kB 0*64kB 1*128kB 1*256kB 0*512kB 0*1024kB 1*2048kB 0*4096kB = 2440kB Nov 9 19:07:16 vs302 kernel: Node 0 DMA32: 129*4kB 67*8kB 30*16kB 19*32kB 6*64kB 2*128kB 1*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 3036kB Nov 9 19:07:16 vs302 kernel: 182 total pagecache pages Nov 9 19:07:16 vs302 kernel: 0 pages in swap cache Nov 9 19:07:16 vs302 kernel: Swap cache stats: add 0, delete 0, find 0/0 Nov 9 19:07:16 vs302 kernel: Free swap = 0kB Nov 9 19:07:16 vs302 kernel: Total swap = 0kB Nov 9 19:07:16 vs302 kernel: 157439 pages RAM Nov 9 19:07:16 vs302 kernel: 6271 pages reserved Nov 9 19:07:16 vs302 kernel: 2686 pages shared Nov 9 19:07:16 vs302 kernel: 146395 pages non-shared Nov 9 19:07:16 vs302 kernel: [ pid ] uid tgid total_vm rss cpu oom_adj oom_score_adj name Nov 9 19:07:16 vs302 kernel: [ 271] 0 271 2798 231 0 -17 -1000 udevd Nov 9 19:07:16 vs302 kernel: [ 476] 0 476 2797 230 0 -17 -1000 udevd Nov 9 19:07:16 vs302 kernel: [ 718] 0 718 2279 122 0 0 0 dhclient Nov 9 19:07:16 vs302 kernel: [ 762] 0 762 6909 58 0 -17 -1000 auditd Nov 9 19:07:16 vs302 kernel: [ 787] 0 787 62270 147 0 0 0 rsyslogd Nov 9 19:07:16 vs302 kernel: [ 801] 25 801 40326 2655 0 0 0 named Nov 9 19:07:16 vs302 kernel: [ 850] 0 850 16563 172 0 -17 -1000 sshd Nov 9 19:07:16 vs302 kernel: [ 875] 0 875 23451 240 0 0 0 sshd Nov 9 19:07:16 vs302 kernel: [ 966] 498 966 4780 44 0 0 0 wrapper Nov 9 19:07:16 vs302 kernel: [ 968] 498 968 497404 40812 0 0 0 java Nov 9 19:07:16 vs302 kernel: [ 1057] 0 1057 20216 225 0 0 0 master Nov 9 19:07:16 vs302 kernel: [ 1064] 89 1064 20278 209 0 0 0 qmgr Nov 9 19:07:16 vs302 kernel: [ 1071] 0 1071 27075 121 0 0 0 bash Nov 9 19:07:16 vs302 kernel: [ 1111] 0 1111 24880 350 0 0 0 httpd Nov 9 19:07:16 vs302 kernel: [ 1117] 48 1117 24913 351 0 0 0 httpd Nov 9 19:07:16 vs302 kernel: [ 1118] 48 1118 24880 337 0 0 0 httpd Nov 9 19:07:16 vs302 kernel: [ 1119] 48 1119 24880 337 0 0 0 httpd Nov 9 19:07:16 vs302 kernel: [ 1120] 48 1120 24880 337 0 0 0 httpd Nov 9 19:07:16 vs302 kernel: [ 1121] 48 1121 24880 337 0 0 0 httpd Nov 9 19:07:16 vs302 kernel: [ 1122] 48 1122 24880 337 0 0 0 httpd Nov 9 19:07:16 vs302 kernel: [ 1124] 48 1124 24880 337 0 0 0 httpd Nov 9 19:07:16 vs302 kernel: [ 1125] 48 1125 24880 337 0 0 0 httpd Nov 9 19:07:16 vs302 kernel: [ 1129] 0 1129 29313 151 0 0 0 crond Nov 9 19:07:16 vs302 kernel: [ 1143] 0 1143 1018 22 0 0 0 agetty Nov 9 19:07:16 vs302 kernel: [ 1146] 0 1146 1015 22 0 0 0 mingetty Nov 9 19:07:16 vs302 kernel: [ 1514] 0 1514 23451 237 0 0 0 sshd Nov 9 19:07:16 vs302 kernel: [ 1517] 0 1517 27075 113 0 0 0 bash Nov 9 19:07:16 vs302 kernel: [ 1641] 89 1641 20236 218 0 0 0 pickup Nov 9 19:07:16 vs302 kernel: [ 1659] 0 1659 25234 39 0 0 0 tail Nov 9 19:07:16 vs302 kernel: [ 1660] 0 1660 89903 85712 0 0 0 setsebool Nov 9 19:07:16 vs302 kernel: Out of memory: Kill process 1660 (setsebool) score 568 or sacrifice child Nov 9 19:07:16 vs302 kernel: Killed process 1660, UID 0, (setsebool) total-vm:359612kB, anon-rss:342708kB, file-rss:140kB

    Read the article

  • EC2 instance suddenly refusing SSH connections and won't respond to ping

    - by Chris
    My instance was running fine and this morning I was able to access a Ruby on Rails app hosted on it. An hour later I suddenly wasn't able to access my site, my SSH connection attempts were refused and the server wasn't even responding to ping. I didn't change anything on my system during that hour and reboots aren't fixing it. I've never had any problems connecting or pinging the system before. Can someone please help? This is on my production system! OS: CentOS 5 AMI ID: ami-10b55379 Type: m1.small [] ~% ssh -v *****@meeteor.com OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009 debug1: Reading configuration data /etc/ssh_config debug1: Connecting to meeteor.com [184.73.235.191] port 22. debug1: connect to address 184.73.235.191 port 22: Connection refused ssh: connect to host meeteor.com port 22: Connection refused [] ~% ping meeteor.com PING meeteor.com (184.73.235.191): 56 data bytes Request timeout for icmp_seq 0 Request timeout for icmp_seq 1 Request timeout for icmp_seq 2 ^C --- meeteor.com ping statistics --- 4 packets transmitted, 0 packets received, 100.0% packet loss [] ~% ========= System Log ========= Restarting system. Linux version 2.6.16-xenU ([email protected]) (gcc version 4.0.1 20050727 (Red Hat 4.0.1-5)) #1 SMP Mon May 28 03:41:49 SAST 2007 BIOS-provided physical RAM map: Xen: 0000000000000000 - 000000006a400000 (usable) 980MB HIGHMEM available. 727MB LOWMEM available. NX (Execute Disable) protection: active IRQ lockup detection disabled Built 1 zonelists Kernel command line: root=/dev/sda1 ro 4 Enabling fast FPU save and restore... done. Enabling unmasked SIMD FPU exception support... done. Initializing CPU#0 PID hash table entries: 4096 (order: 12, 65536 bytes) Xen reported: 2599.998 MHz processor. Dentry cache hash table entries: 131072 (order: 7, 524288 bytes) Inode-cache hash table entries: 65536 (order: 6, 262144 bytes) Software IO TLB disabled vmalloc area: ee000000-f53fe000, maxmem 2d7fe000 Memory: 1718700k/1748992k available (1958k kernel code, 20948k reserved, 620k data, 144k init, 1003528k highmem) Checking if this processor honours the WP bit even in supervisor mode... Ok. Calibrating delay using timer specific routine.. 5202.30 BogoMIPS (lpj=26011526) Mount-cache hash table entries: 512 CPU: L1 I Cache: 64K (64 bytes/line), D cache 64K (64 bytes/line) CPU: L2 Cache: 1024K (64 bytes/line) Checking 'hlt' instruction... OK. Brought up 1 CPUs migration_cost=0 Grant table initialized NET: Registered protocol family 16 Brought up 1 CPUs xen_mem: Initialising balloon driver. highmem bounce pool size: 64 pages VFS: Disk quotas dquot_6.5.1 Dquot-cache hash table entries: 1024 (order 0, 4096 bytes) Initializing Cryptographic API io scheduler noop registered io scheduler anticipatory registered (default) io scheduler deadline registered io scheduler cfq registered i8042.c: No controller found. RAMDISK driver initialized: 16 RAM disks of 4096K size 1024 blocksize Xen virtual console successfully installed as tty1 Event-channel device installed. netfront: Initialising virtual ethernet driver. mice: PS/2 mouse device common for all mice md: md driver 0.90.3 MAX_MD_DEVS=256, MD_SB_DISKS=27 md: bitmap version 4.39 NET: Registered protocol family 2 Registering block device major 8 IP route cache hash table entries: 65536 (order: 6, 262144 bytes) TCP established hash table entries: 262144 (order: 9, 2097152 bytes) TCP bind hash table entries: 65536 (order: 7, 524288 bytes) TCP: Hash tables configured (established 262144 bind 65536) TCP reno registered TCP bic registered NET: Registered protocol family 1 NET: Registered protocol family 17 NET: Registered protocol family 15 Using IPI No-Shortcut mode md: Autodetecting RAID arrays. md: autorun ... md: ... autorun DONE. kjournald starting. Commit interval 5 seconds EXT3-fs: mounted filesystem with ordered data mode. VFS: Mounted root (ext3 filesystem) readonly. Freeing unused kernel memory: 144k freed *************************************************************** *************************************************************** ** WARNING: Currently emulating unsupported memory accesses ** ** in /lib/tls glibc libraries. The emulation is ** ** slow. To ensure full performance you should ** ** install a 'xen-friendly' (nosegneg) version of ** ** the library, or disable tls support by executing ** ** the following as root: ** ** mv /lib/tls /lib/tls.disabled ** ** Offending process: init (pid=1) ** *************************************************************** *************************************************************** Pausing... 5Pausing... 4Pausing... 3Pausing... 2Pausing... 1Continuing... INIT: version 2.86 booting Welcome to CentOS release 5.4 (Final) Press 'I' to enter interactive startup. Setting clock : Fri Oct 1 14:35:26 EDT 2010 [ OK ] Starting udev: [ OK ] Setting hostname localhost.localdomain: [ OK ] No devices found Setting up Logical Volume Management: [ OK ] Checking filesystems Checking all file systems. [/sbin/fsck.ext3 (1) -- /] fsck.ext3 -a /dev/sda1 /dev/sda1: clean, 275424/1310720 files, 1161123/2621440 blocks [ OK ] Remounting root filesystem in read-write mode: [ OK ] Mounting local filesystems: [ OK ] Enabling local filesystem quotas: [ OK ] Enabling /etc/fstab swaps: [ OK ] INIT: Entering runlevel: 4 Entering non-interactive startup Starting background readahead: [ OK ] Applying ip6tables firewall rules: modprobe: FATAL: Module ip6_tables not found. ip6tables-restore v1.3.5: ip6tables-restore: unable to initializetable 'filter' Error occurred at line: 3 Try `ip6tables-restore -h' or 'ip6tables-restore --help' for more information. [FAILED] Applying iptables firewall rules: [ OK ] Loading additional iptables modules: ip_conntrack_netbios_ns [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: Determining IP information for eth0... done. [ OK ] Starting auditd: [FAILED] Starting irqbalance: [ OK ] Starting portmap: [ OK ] FATAL: Module lockd not found. Starting NFS statd: [ OK ] Starting RPC idmapd: FATAL: Module sunrpc not found. FATAL: Error running install command for sunrpc Error: RPC MTAB does not exist. Starting system message bus: [ OK ] Starting Bluetooth services:[ OK ] [ OK ] Can't open RFCOMM control socket: Address family not supported by protocol Mounting other filesystems: [ OK ] Starting PC/SC smart card daemon (pcscd): [ OK ] Starting hidd: Can't open HIDP control socket: Address family not supported by protocol [FAILED] Starting autofs: Starting automount: automount: test mount forbidden or incorrect kernel protocol version, kernel protocol version 5.00 or above required. [FAILED] [FAILED] Starting sshd: [ OK ] Starting cups: [ OK ] Starting sendmail: [ OK ] Starting sm-client: [ OK ] Starting console mouse services: no console device found[FAILED] Starting crond: [ OK ] Starting xfs: [ OK ] Starting anacron: [ OK ] Starting atd: [ OK ] % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 390 100 390 0 0 58130 0 --:--:-- --:--:-- --:--:-- 58130 100 390 100 390 0 0 56984 0 --:--:-- --:--:-- --:--:-- 0 Starting yum-updatesd: [ OK ] Starting Avahi daemon... [ OK ] Starting HAL daemon: [ OK ] Starting OSSEC: [ OK ] Starting smartd: [ OK ] c CentOS release 5.4 (Final) Kernel 2.6.16-xenU on an i686 domU-12-31-39-00-C4-97 login: INIT: Id "2" respawning too fast: disabled for 5 minutes INIT: Id "3" respawning too fast: disabled for 5 minutes INIT: Id "4" respawning too fast: disabled for 5 minutes INIT: Id "5" respawning too fast: disabled for 5 minutes INIT: Id "6" respawning too fast: disabled for 5 minutes

    Read the article

  • High memory usage on the server - can't determine the process

    - by HTF
    I've noticed high memory usage on the server. Details: OS: CentOS 6.3 - x86_64 Web server: Nginx with PHP-FPM The server is generating PDF documents so the traffic is minimum. top: # top -b -n 1 -a top - 10:04:51 up 21 days, 18:57, 1 user, load average: 0.00, 0.00, 0.00 Tasks: 92 total, 1 running, 91 sleeping, 0 stopped, 0 zombie Cpu(s): 0.3%us, 0.2%sy, 0.0%ni, 99.6%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 3923092k total, 3720380k used, 202712k free, 133904k buffers Swap: 4194296k total, 12k used, 4194284k free, 147404k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 15855 www-data 20 0 199m 4952 2128 S 0.0 0.1 0:00.06 php-fpm 15853 www-data 20 0 199m 4940 2028 S 0.0 0.1 0:00.06 php-fpm 15850 www-data 20 0 199m 4928 2020 S 0.0 0.1 0:00.05 php-fpm 15851 www-data 20 0 199m 4888 2020 S 0.0 0.1 0:00.06 php-fpm 15852 www-data 20 0 199m 4852 2020 S 0.0 0.1 0:00.06 php-fpm 15857 www-data 20 0 198m 4716 2020 S 0.0 0.1 0:00.06 php-fpm 17553 root 20 0 97816 3860 2924 S 0.0 0.1 0:00.03 sshd 15849 root 20 0 198m 3460 1072 S 0.0 0.1 0:00.12 php-fpm 13441 nginx 20 0 65608 2968 1604 S 0.0 0.1 0:02.06 nginx 13440 nginx 20 0 65608 2964 1600 S 0.0 0.1 0:01.87 nginx 17561 root 20 0 105m 1944 1488 S 0.0 0.0 0:00.01 bash 1150 xfs 20 0 20980 1784 704 S 0.0 0.0 0:00.13 xfs 15863 root 20 0 179m 1424 1028 S 0.0 0.0 0:00.00 rsyslogd 1 root 20 0 19224 1360 1088 S 0.0 0.0 0:17.96 init 1201 nrpe 20 0 40928 1288 704 S 0.0 0.0 3:57.64 nrpe 13226 root 20 0 114m 1216 612 S 0.0 0.0 0:00.01 crond 6691 root 20 0 64068 1156 488 S 0.0 0.0 0:09.59 sshd 13439 root 20 0 65104 1128 292 S 0.0 0.0 0:00.00 nginx 19026 root 20 0 15040 1116 844 R 0.0 0.0 0:00.00 top 451 root 16 -4 11052 1096 316 S 0.0 0.0 0:00.02 udevd 1174 root 18 -2 11048 1064 288 S 0.0 0.0 0:00.00 udevd 1175 root 18 -2 11048 1064 288 S 0.0 0.0 0:00.00 udevd 1065 root 16 -4 93168 824 560 S 0.0 0.0 0:16.00 auditd 1165 root 20 0 4056 564 480 S 0.0 0.0 0:00.00 mingetty 1167 root 20 0 4056 564 480 S 0.0 0.0 0:00.00 mingetty 1169 root 20 0 4056 564 480 S 0.0 0.0 0:00.00 mingetty 1171 root 20 0 4056 564 480 S 0.0 0.0 0:00.00 mingetty 1163 root 20 0 4056 560 480 S 0.0 0.0 0:00.00 mingetty 1176 root 20 0 4056 560 480 S 0.0 0.0 0:00.00 mingetty 2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd 3 root RT 0 0 0 0 S 0.0 0.0 0:11.75 migration/0 4 root 20 0 0 0 0 S 0.0 0.0 44:30.28 ksoftirqd/0 5 root RT 0 0 0 0 S 0.0 0.0 0:00.00 migration/0 6 root RT 0 0 0 0 S 0.0 0.0 0:03.51 watchdog/0 7 root RT 0 0 0 0 S 0.0 0.0 0:11.63 migration/1 8 root RT 0 0 0 0 S 0.0 0.0 0:00.00 migration/1 9 root 20 0 0 0 0 S 0.0 0.0 11:35.50 ksoftirqd/1 10 root RT 0 0 0 0 S 0.0 0.0 0:03.34 watchdog/1 11 root 20 0 0 0 0 S 0.0 0.0 1:36.68 events/0 12 root 20 0 0 0 0 S 0.0 0.0 1:50.57 events/1 13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cgroup 14 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khelper 15 root 20 0 0 0 0 S 0.0 0.0 0:00.00 netns 16 root 20 0 0 0 0 S 0.0 0.0 0:00.00 async/mgr 17 root 20 0 0 0 0 S 0.0 0.0 0:00.00 pm 18 root 20 0 0 0 0 S 0.0 0.0 0:07.86 sync_supers 19 root 20 0 0 0 0 S 0.0 0.0 0:10.38 bdi-default 20 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kintegrityd/0 21 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kintegrityd/1 22 root 20 0 0 0 0 S 0.0 0.0 0:04.35 kblockd/0 23 root 20 0 0 0 0 S 0.0 0.0 0:04.18 kblockd/1 24 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpid 25 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpi_notify 26 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpi_hotplug 27 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ata/0 28 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ata/1 29 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ata_aux 30 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ksuspend_usbd 31 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khubd 32 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kseriod 33 root 20 0 0 0 0 S 0.0 0.0 0:00.00 md/0 34 root 20 0 0 0 0 S 0.0 0.0 0:00.00 md/1 35 root 20 0 0 0 0 S 0.0 0.0 0:00.00 md_misc/0 36 root 20 0 0 0 0 S 0.0 0.0 0:00.00 md_misc/1 37 root 20 0 0 0 0 S 0.0 0.0 0:00.48 khungtaskd 38 root 20 0 0 0 0 S 0.0 0.0 1:07.52 kswapd0 39 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd 40 root 39 19 0 0 0 S 0.0 0.0 0:22.00 khugepaged 41 root 20 0 0 0 0 S 0.0 0.0 0:00.00 aio/0 42 root 20 0 0 0 0 S 0.0 0.0 0:00.00 aio/1 43 root 20 0 0 0 0 S 0.0 0.0 0:00.00 crypto/0 44 root 20 0 0 0 0 S 0.0 0.0 0:00.00 crypto/1 49 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthrotld/0 50 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthrotld/1 52 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kpsmoused 53 root 20 0 0 0 0 S 0.0 0.0 0:00.00 usbhid_resumer 83 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kstriped 233 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_0 234 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_1 321 root 20 0 0 0 0 S 0.0 0.0 0:00.00 virtio-blk 359 root 20 0 0 0 0 S 0.0 0.0 0:03.24 kdmflush 360 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdmflush 380 root 20 0 0 0 0 S 0.0 0.0 0:20.64 jbd2/dm-0-8 381 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ext4-dio-unwrit 382 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ext4-dio-unwrit 694 root 20 0 0 0 0 S 0.0 0.0 0:00.00 vballoon 697 root 20 0 0 0 0 S 0.0 0.0 0:00.00 virtio-net 818 root 20 0 0 0 0 S 0.0 0.0 0:00.00 jbd2/vda1-8 819 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ext4-dio-unwrit 820 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ext4-dio-unwrit 851 root 20 0 0 0 0 S 0.0 0.0 0:06.96 kauditd 1013 root 20 0 0 0 0 S 0.0 0.0 0:15.45 flush-253:0 ps: # ps aux --sort -vsz | head USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND www-data 13213 0.0 0.1 204416 4772 ? S 08:28 0:00 php-fpm: pool default www-data 13214 0.0 0.1 204416 4776 ? S 08:28 0:00 php-fpm: pool default www-data 13215 0.0 0.1 204416 4832 ? S 08:28 0:00 php-fpm: pool default www-data 13216 0.0 0.1 204416 4776 ? S 08:28 0:00 php-fpm: pool default www-data 13218 0.0 0.1 204416 4956 ? S 08:28 0:00 php-fpm: pool default free: #free -m total used free shared buffers cached Mem: 3831 3530 300 0 130 143 -/+ buffers/cache: 3256 574 Swap: 4095 0 4095 When I stooped Nginx, PHP-FPM the memory usage was still the same. Could you help me to investigate what is consuming the memory on the system? Regards

    Read the article

  • Web site not responding

    - by Subhransu
    I have website working fine before. But now its not able to connect to the server(I believe that is the problem). But its strange that the message not able to connect to the server is not coming and its keep connecting... for infinite time. Here is the screenshot. Here are some of the useful details about the status of the server. Application starts when server wakes up are: cd /etc/init.d/ Application server running in my server : Traceroute: UPDATE: ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 19204 744 ? Ss Aug07 0:01 /sbin/init root 2 0.0 0.0 0 0 ? S Aug07 0:00 [kthreadd] root 3 0.0 0.0 0 0 ? S Aug07 0:00 [migration/0] root 4 0.0 0.0 0 0 ? S Aug07 7:15 [ksoftirqd/0] root 5 0.0 0.0 0 0 ? S Aug07 0:00 [migration/0] root 6 0.0 0.0 0 0 ? S Aug07 0:00 [watchdog/0] root 7 0.0 0.0 0 0 ? S Aug07 0:05 [events/0] root 8 0.0 0.0 0 0 ? S Aug07 0:00 [cpuset] root 9 0.0 0.0 0 0 ? S Aug07 0:00 [khelper] root 10 0.0 0.0 0 0 ? S Aug07 0:00 [netns] root 11 0.0 0.0 0 0 ? S Aug07 0:00 [async/mgr] root 12 0.0 0.0 0 0 ? S Aug07 0:00 [pm] root 13 0.0 0.0 0 0 ? S Aug07 0:00 [sync_supers] root 14 0.0 0.0 0 0 ? S Aug07 0:00 [bdi-default] root 15 0.0 0.0 0 0 ? S Aug07 0:00 [kintegrityd/0] root 16 0.0 0.0 0 0 ? S Aug07 0:24 [kblockd/0] root 17 0.0 0.0 0 0 ? S Aug07 0:00 [kacpid] root 18 0.0 0.0 0 0 ? S Aug07 0:00 [kacpi_notify] root 19 0.0 0.0 0 0 ? S Aug07 0:00 [kacpi_hotplug] root 20 0.0 0.0 0 0 ? S Aug07 0:00 [ata/0] root 21 0.0 0.0 0 0 ? S Aug07 0:00 [ata_aux] root 22 0.0 0.0 0 0 ? S Aug07 0:00 [ksuspend_usbd] root 23 0.0 0.0 0 0 ? S Aug07 0:00 [khubd] root 24 0.0 0.0 0 0 ? S Aug07 0:00 [kseriod] root 25 0.0 0.0 0 0 ? S Aug07 0:00 [md/0] root 26 0.0 0.0 0 0 ? S Aug07 0:00 [md_misc/0] root 27 0.0 0.0 0 0 ? S Aug07 0:00 [khungtaskd] root 28 0.0 0.0 0 0 ? S Aug07 0:19 [kswapd0] root 29 0.0 0.0 0 0 ? SN Aug07 0:00 [ksmd] root 30 0.0 0.0 0 0 ? SN Aug07 1:36 [khugepaged] root 31 0.0 0.0 0 0 ? S Aug07 0:00 [aio/0] root 32 0.0 0.0 0 0 ? S Aug07 0:00 [crypto/0] root 37 0.0 0.0 0 0 ? S Aug07 0:00 [kthrotld/0] root 38 0.0 0.0 0 0 ? S Aug07 0:00 [pciehpd] root 40 0.0 0.0 0 0 ? S Aug07 0:00 [kpsmoused] root 41 0.0 0.0 0 0 ? S Aug07 0:00 [usbhid_resumer] root 71 0.0 0.0 0 0 ? S Aug07 0:00 [kstriped] root 203 0.0 0.0 0 0 ? S Aug07 0:00 [scsi_eh_0] root 206 0.0 0.0 0 0 ? S Aug07 0:00 [scsi_eh_1] root 213 0.0 0.0 0 0 ? S Aug07 0:00 [mpt_poll_0] root 214 0.0 0.0 0 0 ? S Aug07 0:00 [mpt/0] root 215 0.0 0.0 0 0 ? S Aug07 0:00 [scsi_eh_2] root 317 0.0 0.0 0 0 ? S Aug07 0:00 [kdmflush] root 319 0.0 0.0 0 0 ? S Aug07 0:00 [kdmflush] root 338 0.0 0.0 0 0 ? S Aug07 4:30 [jbd2/dm-0-8] root 339 0.0 0.0 0 0 ? S Aug07 0:00 [ext4-dio-unwrit] root 411 0.0 0.0 11060 224 ? S<s Aug07 0:00 /sbin/udevd -d root 591 0.0 0.0 0 0 ? S Aug07 0:00 [vmmemctl] root 732 0.0 0.0 0 0 ? S Aug07 0:00 [jbd2/sda1-8] root 733 0.0 0.0 0 0 ? S Aug07 0:00 [ext4-dio-unwrit] root 770 0.0 0.0 0 0 ? S Aug07 0:00 [kauditd] root 907 0.0 0.0 0 0 ? S Aug07 0:02 [flush-253:0] root 963 0.0 0.0 93180 528 ? S<sl Aug07 0:00 auditd root 979 0.0 0.0 248680 1132 ? Sl Aug07 0:04 /sbin/rsyslogd -i /var/run/syslogd.pid -c 4 dbus 991 0.0 0.0 31740 348 ? Ssl Aug07 0:00 dbus-daemon --system root 1023 0.0 0.0 64032 456 ? Ss Aug07 0:01 /usr/sbin/sshd root 1031 0.0 0.0 22076 592 ? Ss Aug07 0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid root 1107 0.0 0.0 78652 744 ? Ss Aug07 0:01 /usr/libexec/postfix/master postfix 1116 0.0 0.0 78904 852 ? S Aug07 0:00 qmgr -l -t fifo -u qpidd 1129 0.0 0.0 234596 1488 ? Ssl Aug07 1:54 /usr/sbin/qpidd --data-dir /var/lib/qpidd --daemon root 1181 0.0 0.0 117176 532 ? Ss Aug07 0:04 crond root 1217 0.0 0.0 108152 412 ? S Aug07 0:00 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/m mysql 1306 0.0 1.8 792636 72640 ? Sl Aug07 6:51 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log- root 1334 0.0 0.1 739156 5520 ? Ssl Aug07 0:34 /usr/sbin/shibd -p /var/run/shibboleth/shibd.pid -f -w 30 root 1355 0.0 0.0 4048 272 tty2 Ss+ Aug07 0:00 /sbin/mingetty /dev/tty2 root 1357 0.0 0.0 4048 272 tty3 Ss+ Aug07 0:00 /sbin/mingetty /dev/tty3 root 1360 0.0 0.0 12336 264 ? S< Aug07 0:00 /sbin/udevd -d root 1361 0.0 0.0 12336 240 ? S< Aug07 0:00 /sbin/udevd -d root 1362 0.0 0.0 4048 272 tty4 Ss+ Aug07 0:00 /sbin/mingetty /dev/tty4 root 1364 0.0 0.0 4048 272 tty5 Ss+ Aug07 0:00 /sbin/mingetty /dev/tty5 root 1366 0.0 0.0 4048 272 tty6 Ss+ Aug07 0:00 /sbin/mingetty /dev/tty6 root 1394 0.0 0.0 574892 436 ? Sl Aug07 0:00 /usr/sbin/console-kit-daemon --no-daemon root 1495 0.0 0.0 4048 264 tty1 Ss+ Aug07 0:00 /sbin/mingetty /dev/tty1 root 7665 0.0 0.1 296304 6244 ? Ss Aug16 2:33 /usr/sbin/httpd apache 10298 0.0 0.2 457756 10472 ? Sl Sep07 3:35 /usr/sbin/httpd apache 11684 0.0 0.5 465352 20708 ? Sl Sep12 0:02 /usr/sbin/httpd apache 14570 0.0 0.7 475592 30628 ? Sl Sep12 0:02 /usr/sbin/httpd apache 14877 0.0 0.5 467868 22696 ? Sl Sep12 0:01 /usr/sbin/httpd apache 15128 0.0 0.4 464628 19096 ? Sl Sep12 0:01 /usr/sbin/httpd apache 15151 0.0 0.4 464624 18980 ? Sl Sep12 0:01 /usr/sbin/httpd apache 15169 0.0 0.6 470268 24636 ? Sl Sep12 0:01 /usr/sbin/httpd apache 15238 0.0 0.4 464628 19108 ? Sl Sep12 0:01 /usr/sbin/httpd apache 15266 0.0 0.4 464624 18920 ? Sl Sep12 0:02 /usr/sbin/httpd apache 15312 0.0 0.4 464624 18724 ? Sl Sep12 0:01 /usr/sbin/httpd apache 15427 0.0 0.6 470268 24644 ? Sl Sep12 0:00 /usr/sbin/httpd apache 15814 0.0 0.4 464884 19296 ? Sl 00:14 0:01 /usr/sbin/httpd apache 15830 0.0 0.4 464628 19028 ? Sl 00:24 0:00 /usr/sbin/httpd apache 15859 0.0 0.7 475524 30320 ? Sl 00:31 0:00 /usr/sbin/httpd apache 15897 0.0 0.6 471876 26056 ? Sl 00:42 0:00 /usr/sbin/httpd apache 15926 0.0 0.4 464884 18936 ? Sl 00:46 0:01 /usr/sbin/httpd apache 15970 0.0 0.6 470268 24216 ? Sl 00:57 0:00 /usr/sbin/httpd apache 16010 0.0 0.4 464884 18912 ? Sl 01:04 0:00 /usr/sbin/httpd apache 16023 0.0 0.3 457756 12300 ? Sl 01:05 0:02 /usr/sbin/httpd apache 16176 0.0 0.4 464624 18568 ? Sl 02:01 0:01 /usr/sbin/httpd apache 16213 0.0 0.4 464624 18900 ? Sl 02:22 0:01 /usr/sbin/httpd apache 16240 0.0 0.4 464884 18828 ? Sl 02:35 0:00 /usr/sbin/httpd root 16313 0.0 0.0 19372 968 ? Ss 03:01 0:00 /usr/sbin/anacron -s apache 16361 0.0 0.4 464624 18572 ? Sl 03:17 0:00 /usr/sbin/httpd apache 16364 0.0 0.4 464884 19284 ? Sl 03:19 0:01 /usr/sbin/httpd root 16421 0.0 0.0 9180 1300 ? SN 03:37 0:00 /bin/bash /usr/bin/run-parts /etc/cron.daily root 16426 0.0 0.0 9312 1404 ? SN 03:37 0:00 /bin/bash /etc/cron.daily/backupdb root 16427 0.0 0.0 9064 820 ? SN 03:37 0:00 awk -v progname /etc/cron.daily/backupdb progname {????? print progname ":\n" root 16434 0.0 0.0 50776 2420 ? SN 03:37 0:00 mysqldump --opt --quote-names -u root -px xxx inamiriziv_dokeos_user personal_a root 16435 0.0 0.0 4280 536 ? SN 03:37 0:00 gzip --rsyncable apache 16484 0.0 0.2 457584 11432 ? Sl 03:55 0:04 /usr/sbin/httpd apache 16492 0.0 0.4 464884 19320 ? Sl 03:58 0:02 /usr/sbin/httpd apache 16496 0.0 0.4 464624 18704 ? Sl 04:00 0:02 /usr/sbin/httpd apache 16529 0.0 0.6 470268 24608 ? Sl 04:06 0:02 /usr/sbin/httpd apache 16533 0.0 0.4 464624 18532 ? Sl 04:10 0:00 /usr/sbin/httpd apache 16536 0.0 0.4 464884 18908 ? Sl 04:10 0:00 /usr/sbin/httpd apache 16556 0.0 0.4 464884 18924 ? Sl 04:18 0:02 /usr/sbin/httpd apache 16563 0.0 0.3 457756 12384 ? Sl 04:19 0:07 /usr/sbin/httpd apache 16598 0.0 0.3 457756 12344 ? Sl 04:28 0:02 /usr/sbin/httpd apache 16633 0.0 0.4 464624 18492 ? Sl 04:41 0:00 /usr/sbin/httpd apache 16637 0.0 0.6 470268 24300 ? Sl 04:41 0:02 /usr/sbin/httpd apache 16654 0.0 0.3 457756 12296 ? Sl 04:47 0:02 /usr/sbin/httpd apache 16665 0.0 0.6 470268 24308 ? Sl 04:50 0:03 /usr/sbin/httpd apache 16738 0.0 0.6 470268 24312 ? Sl 05:10 0:02 /usr/sbin/httpd apache 17388 0.0 0.2 457584 11440 ? Sl 08:56 0:01 /usr/sbin/httpd apache 17391 0.0 0.3 457756 12296 ? Sl 08:57 0:00 /usr/sbin/httpd apache 17397 0.0 0.3 457756 12312 ? Sl 08:59 0:00 /usr/sbin/httpd apache 17401 0.0 0.3 457756 12284 ? Sl 09:00 0:00 /usr/sbin/httpd apache 17420 0.0 0.2 457584 11436 ? Sl 09:04 0:01 /usr/sbin/httpd apache 17426 0.0 0.3 457756 12324 ? Sl 09:07 0:01 /usr/sbin/httpd apache 17431 0.0 0.3 457756 12276 ? Sl 09:08 0:03 /usr/sbin/httpd apache 17434 0.0 0.3 457756 12308 ? Sl 09:08 0:00 /usr/sbin/httpd apache 17437 0.0 0.2 457584 11440 ? Sl 09:09 0:01 /usr/sbin/httpd apache 17442 0.0 0.2 457584 11436 ? Sl 09:10 0:01 /usr/sbin/httpd apache 17445 0.0 0.3 457756 12328 ? Sl 09:11 0:01 /usr/sbin/httpd apache 17449 0.0 0.3 457756 12292 ? Sl 09:12 0:01 /usr/sbin/httpd apache 17454 0.0 0.2 457584 11444 ? Sl 09:15 0:01 /usr/sbin/httpd apache 17457 0.0 0.2 457584 11436 ? Sl 09:15 0:01 /usr/sbin/httpd apache 17461 0.0 0.3 457756 12304 ? Sl 09:16 0:01 /usr/sbin/httpd apache 17465 0.0 0.2 457584 11444 ? Sl 09:18 0:01 /usr/sbin/httpd apache 17468 0.0 0.2 457584 11436 ? Sl 09:18 0:01 /usr/sbin/httpd apache 17473 0.0 0.4 464884 18940 ? Sl 09:19 0:00 /usr/sbin/httpd apache 17476 0.0 0.4 464628 18736 ? Sl 09:20 0:00 /usr/sbin/httpd apache 17479 0.0 0.2 457584 11440 ? Sl 09:20 0:01 /usr/sbin/httpd apache 17483 0.0 0.2 457584 11416 ? Sl 09:21 0:00 /usr/sbin/httpd apache 17486 0.0 0.3 457756 12296 ? Sl 09:21 0:01 /usr/sbin/httpd apache 17489 0.0 0.4 464884 18928 ? Sl 09:21 0:00 /usr/sbin/httpd apache 17492 0.0 0.2 457584 11260 ? Sl 09:22 0:00 /usr/sbin/httpd apache 17496 0.0 0.3 457756 12372 ? Sl 09:22 0:01 /usr/sbin/httpd apache 17500 0.0 0.2 457584 11428 ? Sl 09:23 0:00 /usr/sbin/httpd apache 17504 0.0 0.2 457584 11432 ? Sl 09:25 0:00 /usr/sbin/httpd apache 17509 0.0 0.3 457756 12336 ? Sl 09:27 0:01 /usr/sbin/httpd apache 17513 0.0 0.2 457584 11436 ? Sl 09:29 0:01 /usr/sbin/httpd apache 17517 0.0 0.2 457584 11448 ? Sl 09:31 0:00 /usr/sbin/httpd apache 17520 0.0 0.3 457584 12128 ? Sl 09:32 0:00 /usr/sbin/httpd apache 17525 0.0 0.4 464884 18960 ? Sl 09:34 0:00 /usr/sbin/httpd apache 17529 0.0 0.2 457584 11420 ? Sl 09:36 0:00 /usr/sbin/httpd apache 17533 0.0 0.2 457584 11436 ? Sl 09:38 0:00 /usr/sbin/httpd apache 17537 0.0 0.2 457584 11436 ? Sl 09:38 0:00 /usr/sbin/httpd apache 17542 0.0 0.4 464884 18840 ? Sl 09:40 0:00 /usr/sbin/httpd apache 17546 0.0 0.3 457756 12320 ? Sl 09:41 0:00 /usr/sbin/httpd apache 17550 0.0 0.2 457584 11440 ? Sl 09:42 0:00 /usr/sbin/httpd apache 17554 0.0 0.2 457584 11436 ? Sl 09:43 0:00 /usr/sbin/httpd apache 17557 0.0 0.2 457584 11436 ? Sl 09:44 0:00 /usr/sbin/httpd apache 17560 0.0 0.2 457584 11428 ? Sl 09:44 0:01 /usr/sbin/httpd apache 17568 0.0 0.4 464884 18824 ? Sl 09:48 0:00 /usr/sbin/httpd apache 17572 0.0 0.2 457584 11428 ? Sl 09:48 0:00 /usr/sbin/httpd apache 17575 0.0 0.2 457584 11428 ? Sl 09:48 0:01 /usr/sbin/httpd apache 17583 0.0 0.2 457584 11432 ? Sl 09:50 0:00 /usr/sbin/httpd apache 17586 0.0 0.3 457756 12264 ? Sl 09:50 0:00 /usr/sbin/httpd apache 17589 0.0 0.2 457584 11420 ? Sl 09:51 0:00 /usr/sbin/httpd apache 17597 0.0 0.2 457584 11420 ? Sl 09:53 0:02 /usr/sbin/httpd apache 17600 0.0 0.3 457756 12376 ? Sl 09:54 0:00 /usr/sbin/httpd apache 17604 0.0 0.2 457584 11436 ? Sl 09:55 0:00 /usr/sbin/httpd apache 17610 0.0 0.2 457584 11420 ? Sl 09:59 0:00 /usr/sbin/httpd apache 17615 0.0 0.2 457584 11424 ? Sl 10:00 0:00 /usr/sbin/httpd apache 17618 0.0 0.4 464884 19288 ? Sl 10:00 0:00 /usr/sbin/httpd apache 17635 0.0 0.2 457584 11416 ? Sl 10:01 0:00 /usr/sbin/httpd apache 17639 0.0 0.2 457584 11440 ? Sl 10:02 0:00 /usr/sbin/httpd apache 17643 0.0 0.2 457584 11448 ? Sl 10:03 0:00 /usr/sbin/httpd apache 17648 0.0 0.4 464884 18868 ? Sl 10:06 0:00 /usr/sbin/httpd apache 17651 0.0 0.2 457584 11416 ? Sl 10:07 0:00 /usr/sbin/httpd apache 17655 0.0 0.3 457756 12268 ? Sl 10:08 0:01 /usr/sbin/httpd apache 17658 0.0 0.2 457584 11440 ? Sl 10:08 0:00 /usr/sbin/httpd apache 17663 0.0 0.3 457756 12292 ? Sl 10:11 0:00 /usr/sbin/httpd apache 17666 0.0 0.2 457584 11432 ? Sl 10:11 0:00 /usr/sbin/httpd apache 17672 0.0 0.2 457584 11428 ? Sl 10:14 0:00 /usr/sbin/httpd apache 17676 0.0 0.2 457584 11424 ? Sl 10:16 0:00 /usr/sbin/httpd apache 17680 0.0 0.4 464884 18884 ? Sl 10:16 0:00 /usr/sbin/httpd apache 17683 0.0 0.2 457584 11420 ? Sl 10:19 0:00 /usr/sbin/httpd apache 17689 0.0 0.2 457584 11424 ? Sl 10:23 0:00 /usr/sbin/httpd apache 17692 0.0 0.2 457584 11428 ? Sl 10:23 0:00 /usr/sbin/httpd apache 17696 0.0 0.3 457584 11980 ? Sl 10:25 0:00 /usr/sbin/httpd apache 17699 0.0 0.2 457584 11436 ? Sl 10:25 0:00 /usr/sbin/httpd apache 17704 0.0 0.2 457584 11232 ? Sl 10:27 0:00 /usr/sbin/httpd apache 17711 0.0 0.2 457584 11412 ? Sl 10:30 0:01 /usr/sbin/httpd postfix 17714 0.0 0.0 78732 3216 ? S 10:30 0:00 pickup -l -t fifo -u apache 17715 0.0 0.2 457584 11436 ? Sl 10:30 0:00 /usr/sbin/httpd apache 17718 0.0 0.2 457584 11428 ? Sl 10:31 0:00 /usr/sbin/httpd apache 17726 0.0 0.2 457584 11420 ? Sl 10:36 0:00 /usr/sbin/httpd apache 17731 0.0 0.2 457584 11168 ? Sl 10:37 0:00 /usr/sbin/httpd apache 17734 0.0 0.4 464884 18796 ? Sl 10:37 0:00 /usr/sbin/httpd apache 17743 0.0 0.2 457584 11220 ? Sl 10:43 0:00 /usr/sbin/httpd apache 17746 0.0 0.2 457584 11172 ? Sl 10:44 0:00 /usr/sbin/httpd apache 17750 0.0 0.3 457756 12288 ? Sl 10:44 0:00 /usr/sbin/httpd apache 17753 0.0 0.2 457584 11220 ? Sl 10:45 0:00 /usr/sbin/httpd apache 17756 0.0 0.2 457584 11424 ? Sl 10:46 0:00 /usr/sbin/httpd apache 17763 0.0 0.3 457756 12204 ? Sl 10:51 0:00 /usr/sbin/httpd apache 17766 0.0 0.2 457584 11428 ? Sl 10:51 0:00 /usr/sbin/httpd apache 17771 0.0 0.2 457584 11180 ? Sl 10:54 0:00 /usr/sbin/httpd apache 17774 0.0 0.2 457584 11416 ? Sl 10:54 0:00 /usr/sbin/httpd apache 17779 0.0 0.2 457584 11428 ? Sl 10:58 0:00 /usr/sbin/httpd apache 17784 0.0 0.2 457584 11380 ? Sl 11:00 0:00 /usr/sbin/httpd apache 17805 0.0 0.2 457584 11380 ? Sl 11:05 0:00 /usr/sbin/httpd apache 17818 0.0 0.2 457584 11156 ? Sl 11:11 0:00 /usr/sbin/httpd apache 17823 0.0 0.2 457584 11416 ? Sl 11:12 0:00 /usr/sbin/httpd apache 17827 0.0 0.2 457584 11412 ? Sl 11:13 0:00 /usr/sbin/httpd apache 17831 0.0 0.2 457584 11132 ? Sl 11:13 0:00 /usr/sbin/httpd root 17835 0.0 0.0 97780 3792 ? S 11:14 0:00 sshd: smaity [priv] smaity 17839 0.0 0.0 97780 1748 ? S 11:15 0:00 sshd: smaity@pts/0 smaity 17840 0.0 0.0 108288 1928 pts/0 Ss 11:15 0:00 -bash apache 17858 0.0 0.4 464884 18856 ? Sl 11:16 0:00 /usr/sbin/httpd apache 17862 0.0 0.3 457584 11904 ? Sl 11:17 0:00 /usr/sbin/httpd apache 17866 0.0 0.2 457584 11212 ? Sl 11:19 0:00 /usr/sbin/httpd apache 17871 0.0 0.2 457584 11144 ? Sl 11:20 0:00 /usr/sbin/httpd apache 17875 0.0 0.2 457584 11416 ? Sl 11:23 0:00 /usr/sbin/httpd apache 17880 0.0 0.2 457584 11408 ? Sl 11:23 0:00 /usr/sbin/httpd apache 17883 0.0 0.2 457584 11412 ? Sl 11:24 0:00 /usr/sbin/httpd apache 17888 0.0 0.2 457584 11412 ? Sl 11:25 0:00 /usr/sbin/httpd apache 17891 0.0 0.2 457584 11140 ? Sl 11:26 0:00 /usr/sbin/httpd apache 17899 0.0 0.2 457584 10984 ? Sl 11:32 0:00 /usr/sbin/httpd apache 17902 0.0 0.2 457584 11680 ? Sl 11:33 0:00 /usr/sbin/httpd apache 17906 0.0 0.2 457584 10980 ? Sl 11:33 0:00 /usr/sbin/httpd Output of wget http://mydomain.com/ --2012-09-13 13:35:17-- http://mydomain.com/ Resolving mydomain.com... 127.0.0.1 Connecting to mydomain.com|127.0.0.1|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 45 [text/html] Saving to: “index.html” 0% [ ] 0 --.-K/s in 0s Cannot write to “index.html” (No space left on device). UPDATE3: output of df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/vg_inamivm-lv_root 18G 17G 0 100% / tmpfs 1.9G 0 1.9G 0% /dev/shm /dev/sda1 485M 71M 389M 16% /boot output of wget -O /dev/null http://127.0.0.1/ --2012-09-13 13:47:49-- http://127.0.0.1/ Connecting to 127.0.0.1:80... connected. HTTP request sent, awaiting response... 200 OK Length: 45 [text/html] Saving to: “/dev/null” 100%[======================================================================================================>] 45 --.-K/s in 0s 2012-09-13 13:47:54 (8.57 MB/s) - “/dev/null” saved [45/45]

    Read the article

1 2  | Next Page >