Date: Wed, 14 Jul 1999 15:17:07 -0500 (CDT) From: John Preisler <john@vapornet.net> To: Evren Yurtesen <yurtesen@ispro.net.tr> Cc: "'freebsd-security@freebsd.org '" <freebsd-security@FreeBSD.ORG> Subject: Re: weird w report? Message-ID: <14220.60921.284563.561916@habanero.chili-pepper.net> In-Reply-To: <378CDBC2.7EDF748C@ispro.net.tr> References: <D57D3E9BF7C1D211884400805F77AC7DFE37E4@sf1-mail01> <Pine.BSF.4.10.9907141056340.12810-100000@shell.entic.net> <14220.54680.327151.509940@habanero.chili-pepper.net> <378CDBC2.7EDF748C@ispro.net.tr>
index | next in thread | previous in thread | raw e-mail
Evren Yurtesen writes: > well, how come that can happen if that user does not have a process > running? consider it a bug. i always thtought it was a bug in screen because i only see it manifest itself when screen is a factor. after they close the screen session and log out, the entry in utmp still remained. > and in my previous email I told that the same thing happened to me, > the user who was in w but had no process was myself! yes, after you blew away utmp you said nobody showed up not even yourself, and didnt update until you [the next user to do so, presumably] logged in again. expected behavior. > and I am sure that I did not use screen command, also it is not > even installed on my system. > Evren anyway, the user is not logged in as you can tell by the lack of processes running for said user. its a bogus utmp entry. the offending tty is available, and last(1) will still show user logged in even after the tty gets used again. -j > > John Preisler wrote: > > > its a remnant leftover from a gnu screen session. > > > > -j > > > > Anil Jangity writes: > > > |"I have a weird user logon." > > > | > > > |<ahem> > > > | > > > |I don't mean to sound like an old grouch, here, but trouble reports that are > > > |not accompanied by simple ASCII cut-and-paste examples of the 'here's what I > > > |do, here's what I see' variety are worth almost nothing. > > > > > > > > > Richard, > > > > > > I don't see how different this is from my explanation post but here goes: > > > > > > -------------------------------------------------------------------------- > > > [root@shell:~] w |grep drenica > > > root p6 fiber.entic.net 10:57AM - grep drenica > > > drenica pj 98CC44E1.ipt.aol Thu07PM 5days - > > > [root@shell:~] ls -la /dev/ttypj > > > crw-rw-rw- 1 root wheel 5, 19 Jul 8 19:31 /dev/ttypj > > > [root@shell:~] w | grep drenica > > > root p6 fiber.entic.net 10:57AM - grep drenica > > > drenica pj 98CC44E1.ipt.aol Thu07PM 5days - > > > [root@shell:~] last drenica | grep pj > > > drenica ttypj 152.204.68.225 Thu Jul 8 19:24 still logged in > > > [root@shell:~] ping 152.204.68.225 > > > PING 152.204.68.225 (152.204.68.225): 56 data bytes > > > ^C36 bytes from 205.188.192.98: Destination Host Unreachable > > > Vr HL TOS Len ID Flg off TTL Pro cks Src Dst > > > 4 5 00 5400 24de 0 0000 f0 01 7c3d 209.157.122.66 152.204.68.225 > > > > > > > > > --- 152.204.68.225 ping statistics --- > > > 1 packets transmitted, 0 packets received, 100% packet loss > > > [root@shell:~] su -l drenica > > > [drenica@shell:~] ps > > > PID TT STAT TIME COMMAND > > > 12865 p6 S 0:00.08 -su (bash) > > > 12868 p6 R+ 0:00.00 ps > > > [drenica@shell:~] kill -9 -1 > > > su: kill: (-1) - No such pid > > > [drenica@shell:~] exit > > > logout > > > [root@shell:~] ps auxU drenica > > > USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND > > > [root@shell:~] [drenica@shell:~] ps > > > PID TT STAT TIME COMMAND > > > 12865 p6 S 0:00.08 -su (bash) > > > 12868 p6 R+ 0:00.00 ps > > > [drenica@shell:~] kill -9 -1 > > > su: kill: (-1) - No such pid > > > > > > oh and: > > > [root@shell:/var/log] uname -r > > > 2.2.8-STABLE > > > > > > ;-) > > > -------------------------------------------------------------------------- > > > I think a reboot will fix it, but I am not going to reboot over this. So, > > > looking for other alternatives. > > > > > > > > > Kind regards, > > > > > > Anil Jangity > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the messagehelp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14220.60921.284563.561916>