?
Hi,
We're having some trouble on the server using Fedora core 1. There are a lot of
cdk* <cdk3lkgH> files in the /tmp directory. It is a Live Server.
Also, the web service stopped. I could not stop it or start it. I had to reboot
the server. I have never seen anything like this before...
Following are the files are creating in /tmp folder
-rw------- 1 apache apache 0 May 9 06:30 cdk00meH7
-rw------- 1 apache apache 0 May 9 06:32 cdk03zNMI
-rw------- 1 apache apache 0 May 9 06:30 cdk09xzdz
-rw------- 1 apache apache 0 May 9 06:34 cdk0A3qcx
-rw------- 1 apache apache 0 May 9 06:40 cdk0bpWDk
-rw------- 1 apache apache 0 May 9 06:34 cdk0FHiip
-rw------- 1 apache apache 0 May 9 06:39 cdk0I9yqS
-rw------- 1 apache apache 0 May 9 06:48 cdk0iUxTI
I have created a cron job to delete this file every an hour. Please give some
permenant solution to solve this error.
Please check these status.
[root@neo]: cd /tmp
[root@neo]: find . -name 'cdk*' | xargs rm
[root@neo]: top
13:41:03 up 1 day, 10:18, 1 user, load average: 252.19, 251.47, 250.61
365 processes: 359 sleeping, 6 running, 0 zombie, 0 stopped
CPU states: cpu user nice system irq softirq iowait idle
total 1.9% 0.0% 94.1% 0.0% 0.0% 0.0% 3.9%
Mem: 1032776k av, 1022464k used, 10312k free, 0k shrd, 48820k buff
212036k active, 744012k inactive
Swap: 1052248k av, 1052248k used, 0k free 55772k cached
PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME CPU COMMAND
14036 root 24 0 21872 21M 5316 R 52.8 2.1 0:12 0 httpd
14069 root 20 0 1132 1132 852 R 11.5 0.1 0:00 0 relaylock
14067 drweb 21 0 1336 1336 1064 R 6.0 0.1 0:00 0 update.pl
14068 apache 25 0 356 356 284 R 6.0 0.0 0:00 0 sh
2993 root 18 0 616 592 544 S 4.7 0.0 0:01 0 crond
2189 root 17 0 864 820 740 S 4.3 0.0 0:27 0 xinetd
14065 drweb 21 0 776 776 672 S 4.3 0.0 0:00 0 sh
14066 root 18 0 636 632 568 S 4.3 0.0 0:00 0 crond
14039 root 17 0 1344 1344 784 R 1.7 0.1 0:00 0 top
1 root 16 0 424 396 368 S 0.0 0.0 0:04 0 init
2 root 15 0 0 0 0 SW 0.0 0.0 0:00 0 keventd
3 root 15 0 0 0 0 SW 0.0 0.0 0:00 0 kapmd
4 root 34 19 0 0 0 SWN 0.0 0.0 0:00 0 ksoftirqd/0
6 root 25 0 0 0 0 SW 0.0 0.0 0:00 0 bdflush
7 root 15 0 0 0 0 SW 0.0 0.0 0:00 0 kupdated
[root@neo]: ps fu | grep httpd
root 14341 0.0 0.0 1900 392 pts/0 S 13:43 0:00
\_ grep httpd
apache 3450 0.5 0.2 63924 3028 ? D 02:17 3:35 /usr/sbin/httpd
apache 3452 0.5 0.2 63884 3036 ? D 02:17 3:57 /usr/sbin/httpd
apache 3453 0.5 0.2 67664 2996 ? D 02:17 4:02 /usr/sbin/httpd
apache 16575 0.0 0.8 60388 8432 ? D 08:07 0:02 /usr/sbin/httpd
apache is showing "D" status.
[root@neo]: fuser 443/tcp
443/tcp: 3102 3271 3437 3450 3452 16575
[root@neo]: kill -9 3102 3271 3437 3450 3452 16575
not able to kill this process also.
Please help me on this. Is it a Virus, or any other problem.
thanks
V.Ramasubramani