Vous n'êtes pas identifié.
Bonjour,
Mon serveur bourre : je dois le redémarrer tout les jours... Je suppose que je suis hacké mais c'est pas sûr. Comment est-ce que je peux faire?
Meilleures salutations.
Jean.
Hors ligne
Hello !
Je ne connais pas gentoo, mais as-tu regardé tes logs avec dmesg ? Est-ce que tu as encore assez d'espace disque ? Est-ce que tu as essayé de scanner ton système avec clamscan -i -r / (ça sera un peu long) ?
Hors ligne
Salut,
merci pour la réponse. Ci-dessous voici ce que me donne dmesg :
device-mapper: multipath: version 1.0.6 loaded EXT3 FS on md1, internal journal kjournald starting. Commit interval 5 seconds EXT3 FS on md2, internal journal EXT3-fs: mounted filesystem with ordered data mode. Adding 525304k swap on /dev/sda3. Priority:-1 extents:1 across:525304k Adding 525304k swap on /dev/sdb3. Priority:-2 extents:1 across:525304k loop: loaded (max 8 devices) kjournald starting. Commit interval 5 seconds EXT3-fs warning: checktime reached, running e2fsck is recommended EXT3 FS on loop0, internal journal EXT3-fs: mounted filesystem with ordered data mode. Loading iSCSI transport class v2.0-871. libcxgbi:libcxgbi_init_module: tag itt 0x1fff, 13 bits, age 0xf, 4 bits. libcxgbi:ddp_setup_host_page_size: system PAGE 4096, ddp idx 0. Chelsio T3 iSCSI Driver cxgb3i v2.0.0 (Jun. 2010) iscsi: registered transport (cxgb3i) NET: Registered protocol family 10 lo: Disabled Privacy Extensions IPv6 over IPv4 tunneling driver sit0: Disabled Privacy Extensions cnic: Broadcom NetXtreme II CNIC Driver cnic v2.5.12 (June 29, 2012) Broadcom NetXtreme II iSCSI Driver bnx2i v2.7.2.2 (Jun 18, 2012) iscsi: registered transport (bnx2i) iscsi: registered transport (tcp) iscsi: registered transport (iser) iscsi: registered transport (be2iscsi) ADDRCONF(NETDEV_UP): eth0: link is not ready e1000e: eth0 NIC Link is Up 100 Mbps Full Duplex, Flow Control: None e1000e 0000:00:19.0: eth0: 10/100 speed: disabling TSO ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready You need to implement a remote task_setrlimit in your security module and call it directly from this functionWARNING: at security/security.c:51 security_ops_task_setrlimit() Call Trace: [<ffffffff8012f113>] security_ops_task_setrlimit+0x87/0x96 [<ffffffff8009dcd6>] do_prlimit+0xd7/0x1d2 [<ffffffff8009ee1f>] sys_setrlimit+0x36/0x43 [<ffffffff8005d29e>] tracesys+0xd5/0xdf ip_tables: (C) 2000-2006 Netfilter Core Team eth0: no IPv6 routers present
Il me semble que c'est ok...
J'ai CPANEL et quand je fais un cpanel start il me répond :
sudo /etc/init.d/cpanel start Starting cPanel services: Failed to write lock file: /var/cpanel/cpanel.config.lock: Bad file descriptor at /usr/local/cpanel/Cpanel/SafeFileLock.pm line 17. warn [startcpsrvd] could not acquire a lock for '/var/cpanel/cpanel.config' warn [Cpanel::Config::LoadConfig] Unable to open /var/cpanel/cpanel.config: Can't use an undefined value as a symbol reference at /usr/local/cpanel/Cpanel/SafeFile.pm line 68. [FAILED] Starting cPanel brute force detector services: [ OK ] Starting cPanel dav services: [FAILED] Starting pop3 services: Waiting for (?^:^cppop(?:-ssl)?$) to shutdown ... not running. Failed to write lock file: /var/cpanel/cpanel.config.lock: Bad file descriptor at /usr/local/cpanel/Cpanel/SafeFileLock.pm line 17. warn [startcppop] could not acquire a lock for '/var/cpanel/cpanel.config' warn [Cpanel::Config::LoadConfig] Unable to open /var/cpanel/cpanel.config: Can't use an undefined value as a symbol reference at /usr/local/cpanel/Cpanel/SafeFile.pm line 68. [FAILED] Starting cPanel Chat services: Starting cPanel ssl services: Failed to write lock file: /var/cpanel/cpanel.config.lock: Bad file descriptor at /usr/local/cpanel/Cpanel/SafeFileLock.pm line 17. warn [startstunnel] could not acquire a lock for '/var/cpanel/cpanel.config' warn [Cpanel::Config::LoadConfig] Unable to open /var/cpanel/cpanel.config: No such file or directory Can't use an undefined value as a symbol reference at /usr/local/cpanel/Cpanel/SafeFile.pm line 68. [FAILED] Starting cPanel Queue services: [ OK ] Starting tailwatchd: Failed to write lock file: /var/cpanel/cpanel.config.lock: Bad file descriptor at /usr/local/cpanel/Cpanel/SafeFileLock.pm line 17. warn [tailwatchd] could not acquire a lock for '/var/cpanel/cpanel.config' warn [Cpanel::Config::LoadConfig] Unable to open /var/cpanel/cpanel.config: Can't use an undefined value as a symbol reference at /usr/local/cpanel/Cpanel/SafeFile.pm line 68. [FAILED] Starting cPanel Log services: Failed to write lock file: /var/cpanel/cpanel.config.lock: Bad file descriptor at /usr/local/cpanel/Cpanel/SafeFileLock.pm line 17. warn [cpanellogd] could not acquire a lock for '/var/cpanel/cpanel.config' warn [Cpanel::Config::LoadConfig] Unable to open /var/cpanel/cpanel.config: No such file or directory Can't use an undefined value as a symbol reference at /usr/local/cpanel/Cpanel/SafeFile.pm line 68. [FAILED] Starting mailman services: Failed to write lock file: /var/cpanel/cpanel.config.lock: Bad file descriptor at /usr/local/cpanel/Cpanel/SafeFileLock.pm line 17. warn [startmailman] could not acquire a lock for '/var/cpanel/cpanel.config' warn [Cpanel::Config::LoadConfig] Unable to open /var/cpanel/cpanel.config: No such file or directory Can't use an undefined value as a symbol reference at /usr/local/cpanel/Cpanel/SafeFile.pm line 68. [FAILED]
Je suis super dans la merde et j'ai aucune idée pouquoi...
A+.
Jean.
Hors ligne
Resalut,
En fait j'ai fait un df -ih
df -ih Filesystem Inodes IUsed IFree IUse% Mounted on rootfs 1.3M 1.3M 0 100% / /dev/root 1.3M 1.3M 0 100% / /dev 4.0M 290 4.0M 1% /dev /dev/md2 5.8M 318K 5.5M 6% /home tmpfs 4.0M 1 4.0M 1% /dev/shm /dev/loop0 126K 1.1K 124K 1% /tmp /dev/loop0 126K 1.1K 124K 1% /var/tmp
Je ne sais pas comment vider les inodes....
A+.
Jean.
Hors ligne
Salut,
J'ai réussi à vider les inodes
df -ih Filesystem Inodes IUsed IFree IUse% Mounted on rootfs 1.3M 154K 1.1M 13% / /dev/root 1.3M 154K 1.1M 13% / /dev 4.0M 290 4.0M 1% /dev /dev/md2 5.8M 318K 5.5M 6% /home tmpfs 4.0M 1 4.0M 1% /dev/shm /dev/loop0 126K 22 125K 1% /tmp /dev/loop0 126K 22 125K 1% /var/tmp
Il me semble que exim me remplit trop vite mon serveur....
Que faire???
A+.
Jean.
Hors ligne
Salut,
J'ai réglé exim en suivant ceci : http://helpinlinux.com/cpanel-exim-stop-spam/
A+.
Jean.
Hors ligne
PS : pour vider la queue d'exim dans /var/spool/exim
/usr/sbin/exiqgrep -i | xargs /usr/sbin/exim -Mrm
Hors ligne
Salut,
Un de mes administré me répond qu'il ne peut plus envoyer d'email....
Vat-il se prendre un savon????
A+.
Jean.
Hors ligne
Salut,
En fait un virus chez un client envoyait des tonnes d'email au moyen du serveur. Ces emails gonflaient la queue exim, je ne sais pas pourquoi et faisait que les inodes arrivaient à 100%. Ce qui mettait finalement le serveur en panne. Après avoir analysé les logs exim, j'ai pu changer le mot de passe de l'utilisateur qui était vérolé pour provisoirement rétablir le serveur.
Meilleures salutations.
Jean.
Hors ligne