Re: 2.4.18 fork & defunct child.

on 18.11.2003 01:26:00 by Keith Whyte

Edgar Toernig wrote:

{ strace listing deleted, see
http://marc.theaimsgroup.com/?l=linux-kernel&m=106905386725308&w=2 }

>That is not normal /bin/true behaviour. Sure your system
>isn't hacked? Give the -f option to ptrace to see what the
>forked process is trying to do... Compare the size of
>/bin/true with a known-good one.
>
>Ciao, ET.
>

I'm not sure. I should be running tripwire or something; this is the
only one of my systems that doesn't run such a thing, as I have the
firewall locked down and have been busy.
But it is true I accidentally did iptables -F and it was left that way for
a few days.

But this happens with any program, not just /bin/true; also the
/bin/true on the root and chroot systems are identical. And with much
interest I discovered that if I unmount /proc, the problem goes away. Aggh.

That is why it is not exhibiting itself in the chroot system - no /proc.

I also remember that when this first happened nearly a year ago, some
"unix engineer" at the ISP said, oh yeah, that's because something in the
ext2 filesystem header is corrupted.. I don't quite remember what he
said exactly, something that sounded so far-fetched that I ignored it.
Does that ring any bells with anyone?

Please help, ug, I hate having a Linux system that's not reliable. Feels
like having a pet that's in pain or something.

btw,
/lib/libc.so.6 -> libc-2.2.5.so

Keith

(I'm cross-posting here to gcc and admin in the hopes of finding someone
who has seen this, thanks!)

Re: 2.4.18 fork & defunct child.

on 18.11.2003 02:00:01 by Maciej Zenczykowski

> { strace listing deleted, see
> http://marc.theaimsgroup.com/?l=linux-kernel&m=106905386725308&w=2 }

Well, I strace'd my glibc 2.3.2 system /bin/true and it doesn't fork and
doesn't open proc (first place the two straces differ). Maybe your
libraries have been hacked - seems the most likely to me - if this is
happening for all programs then the libc is likely bad...

I can't understand what it is opening /proc/.../exe for and I don't
understand what the ///////// in there is for (I think more than 2
consecutive slashes are illegal in POSIX, not sure though, never use more
than 2 :) )

On a side note /bin/true should take up somewhere like 10 bytes asm code -
what the hell is that thing doing more than exit(1) for? it shouldn't open
any files at all... what a bad design (and true --help and true --version
don't work anyway... duh!)

Perhaps try ltrace'ing /bin/true and see what that prints out?

Cheers,
MaZe.
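Added example, not code from either poster: the check described above (diff a suspect program's strace -f log against what a trivial binary like /bin/true should do, i.e. never fork and never touch /proc) as a small log auditor. The strace listing itself was deleted from the archive, so the log below is constructed to resemble the reported behaviour; the pids and the slash-heavy /proc path are made up.

```python
import re
from typing import Dict, List

# Syscalls a trivial, non-forking program such as /bin/true has no reason to make.
PROCESS_CREATION = {"fork", "vfork", "clone", "clone3"}
PATH_SYSCALLS = {"open", "openat", "execve", "readlink", "stat", "access"}

# strace -f lines look like:  [pid  4711] open("/proc/self/exe", O_RDONLY) = 3
#                          or:  open("/etc/ld.so.cache", O_RDONLY) = 3
LINE_RE = re.compile(r'^(?:\[pid\s+(\d+)\]\s+)?([a-z_0-9]+)\((.*)\)\s*=\s*(.*)$')
STRING_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')

def normalize_path(path: str) -> str:
    """Collapse runs of slashes so /proc/////self/exe compares as /proc/self/exe."""
    return re.sub(r"/+", "/", path)

def audit_strace(log: str) -> Dict[str, List[str]]:
    """Return suspicious events in an strace -f log of a program that is
    expected neither to create processes nor to look at /proc."""
    findings: Dict[str, List[str]] = {"forks": [], "proc_access": []}
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # signal, exit and "<unfinished ...>" lines are skipped
        pid, name, args, _result = m.groups()
        who = f"pid {pid}" if pid else "main"
        if name in PROCESS_CREATION:
            findings["forks"].append(f"{who}: {name}")
        elif name in PATH_SYSCALLS:
            for s in STRING_RE.findall(args):
                p = normalize_path(s)
                if p.startswith("/proc/"):
                    findings["proc_access"].append(f"{who}: {name} {p}")
    return findings

def looks_clean(log: str) -> bool:
    """True when the log shows neither process creation nor /proc access."""
    return not any(audit_strace(log).values())

# Constructed log resembling the reported /bin/true: it forks, the child reads
# its own image via /proc with redundant slashes, and the parent exits.
SAMPLE_LOG = """\
execve("/bin/true", ["/bin/true"], [/* 20 vars */]) = 0
open("/etc/ld.so.cache", O_RDONLY)      = 3
open("/lib/libc.so.6", O_RDONLY)        = 3
fork()                                  = 4711
[pid  4711] open("/proc/////self/exe", O_RDONLY) = 3
[pid  4710] _exit(0)                    = ?
"""
```

Run the real thing as `strace -f -o trace.log /bin/true` and feed trace.log to audit_strace; a known-good libc gives an empty result.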