Summary:Re: "Top" Output

From: Venu M Middela (vmiddela@cs.gmu.edu)
Date: Thu Jun 11 1998 - 13:06:43 CDT


Hello Gurus,
        Many of you suggeested me to check the passwd file for an
        entry for 0 which is obviously owned by root and smtp on
         solaris.The machine I'm talking about is ultra 1.I just
         reloaded the machine from scratch. I have couple of other
         ultra 1s which work fine when I use top.One of you had suggested
         to to kill
         the nscd daemon and restart using
         # cd /etc/init.d
        #./nscd stop
        #./nscd start. I tried this. What I also did was to disable
        the account smtp on the machine. But still the problem comes
        back even after disabling the account "smtp". When I run "top"
        as a user it problem remains , but when I run "top"
        as a root the statistics show the root ownership. I'm totally
        confused. Please help.

        Thanks again and will summarise.

Venu M Middela
vmiddela@cs.gmu.edu

On Thu, 11 Jun 1998, Venu M Middela wrote:

> Date: Thu, 11 Jun 1998 01:33:05 -0400 (EDT)
> From: Venu M Middela <vmiddela@cs.gmu.edu>
> To: Sun Managers <sun-managers@sunmanagers.ececs.uc.edu>
> Subject: "Top" Output
>
> Hello Gurus,
> When I run "Top" on one of my workstations, I got the following
> output, I had no clue why "smtp" is the owner of most of the processes.
> But when do a ps on all the processes the processes run by "smtp"
> previously are run as usual by root.
> I was just worried if this was anything concerning security compromise.
> Please help.
> Thanks will summarise,
>
> Venu.
>
>
>
> PID USERNAME PRI NICE SIZE RES STATE TIME WCPU CPU COMMAND
> 151 smtp 34 0 2752K 1984K sleep 0:02 0.02% 0.00% automountd
> 1765 vmiddela 33 0 2072K 1928K cpu 0:00 0.21% 0.00% top
> 1746 smtp -6 0 1496K 1272K sleep 0:00 0.01% 0.00% in.telnetd
> 174 smtp 0 0 2048K 1728K sleep 0:00 0.00% 0.00% nscd
> 1642 smtp 3 0 1480K 1208K sleep 0:00 0.00% 0.00% ttymon
> 103 smtp 8 0 1648K 432K sleep 0:00 0.00% 0.00% keyserv
> 131 smtp 10 0 1672K 840K sleep 0:00 0.00% 0.00% lockd
> 168 smtp 23 0 1584K 1168K sleep 0:00 0.00% 0.00% cron
> 194 smtp 23 0 1472K 856K sleep 0:00 0.00% 0.00% lpNet
> 126 smtp 24 0 1960K 1504K sleep 0:00 0.00% 0.00% inetd
> 129 smtp 27 0 1728K 896K sleep 0:00 0.00% 0.00% statd
> 109 smtp 30 0 1696K 880K sleep 0:00 0.00% 0.00% ypbind
> 301 smtp 33 0 2984K 1568K sleep 0:00 0.00% 0.00%
> rpc.ttdbserver
> 184 smtp 33 0 2928K 1504K sleep 0:00 0.00% 0.00% lpsched
> 203 smtp 33 0 1832K 1184K sleep 0:00 0.00% 0.00% lpNet
>
>
>
>
>



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:41 CDT