Date: Wed, 14 Jul 1999 21:28:57 +0300 From: Evren Yurtesen <yurtesen@ispro.net.tr> To: Anil Jangity <aj@entic.net> Cc: "Childers, Richard" <RCHILDER@hamquist.com>, "'freebsd-security@freebsd.org '" <freebsd-security@FreeBSD.ORG> Subject: Re: weird w report? Message-ID: <378CD6E8.D515E81D@ispro.net.tr> References: <Pine.BSF.4.10.9907141056340.12810-100000@shell.entic.net>
next in thread | previous in thread | raw e-mail | index | archive | help
well, I have had the same kind of thing in FreeBSD 3.1-Stable, and I could not find a way to log out the user, well I also could not find any process owned by that user! I thought the problem was about /var/run/utmp file which was supposed to know the logged in users... then I just deleted it by issuing cat /dev/null > /var/run/utmp and everything is normal right now, there have been 2 weeks so far after this weird thing. when I deleted it I have found myself invisible too, and w was saying there are 0 users logged in! then I logged out and logged in again and it was normal ( for a moment I thought it may say -1 users or something though ) Evren Anil Jangity wrote: > |"I have a weird user logon." > | > |<ahem> > | > |I don't mean to sound like an old grouch, here, but trouble reports that are > |not accompanied by simple ASCII cut-and-paste examples of the 'here's what I > |do, here's what I see' variety are worth almost nothing. > > Richard, > > I don't see how different this is from my explanation post but here goes: > > -------------------------------------------------------------------------- > [root@shell:~] w |grep drenica > root p6 fiber.entic.net 10:57AM - grep drenica > drenica pj 98CC44E1.ipt.aol Thu07PM 5days - > [root@shell:~] ls -la /dev/ttypj > crw-rw-rw- 1 root wheel 5, 19 Jul 8 19:31 /dev/ttypj > [root@shell:~] w | grep drenica > root p6 fiber.entic.net 10:57AM - grep drenica > drenica pj 98CC44E1.ipt.aol Thu07PM 5days - > [root@shell:~] last drenica | grep pj > drenica ttypj 152.204.68.225 Thu Jul 8 19:24 still logged in > [root@shell:~] ping 152.204.68.225 > PING 152.204.68.225 (152.204.68.225): 56 data bytes > ^C36 bytes from 205.188.192.98: Destination Host Unreachable > Vr HL TOS Len ID Flg off TTL Pro cks Src Dst > 4 5 00 5400 24de 0 0000 f0 01 7c3d 209.157.122.66 152.204.68.225 > > --- 152.204.68.225 ping statistics --- > 1 packets transmitted, 0 packets received, 100% packet loss > [root@shell:~] su -l drenica > [drenica@shell:~] ps > PID TT STAT TIME COMMAND > 12865 p6 S 0:00.08 -su (bash) > 12868 p6 R+ 0:00.00 ps > [drenica@shell:~] kill -9 -1 > su: kill: (-1) - No such pid > [drenica@shell:~] exit > logout > [root@shell:~] ps auxU drenica > USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND > [root@shell:~] [drenica@shell:~] ps > PID TT STAT TIME COMMAND > 12865 p6 S 0:00.08 -su (bash) > 12868 p6 R+ 0:00.00 ps > [drenica@shell:~] kill -9 -1 > su: kill: (-1) - No such pid > > oh and: > [root@shell:/var/log] uname -r > 2.2.8-STABLE > > ;-) > -------------------------------------------------------------------------- > I think a reboot will fix it, but I am not going to reboot over this. So, > looking for other alternatives. > > Kind regards, > > Anil Jangity > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?378CD6E8.D515E81D>