JOHN HEMMER wrote: > > On Thu, 28 Mar 2002, David Savolainen wrote: > > > I checked to see if chkrootkit is installed, and it isn't. I just don't > > see what process could be hung up. Unless I don't know how to fully > > understand the output of ps. Here is a current ps -ef. Things have not > > changed much from the ps -aux I attached ealier. > > > > thanks! > > > > David > > > > UID PID PPID C STIME TTY TIME CMD
<snip> > > David, > > I always suspect the process with the highest cpu time. What is > process PID # 2959, /etc/X11/X on the line above, suppose to be > doing? 4 minutes and 6 seconds is a lot of processor time. What > would happen if you kill it? > > John > > ------------------------------------------------------------------------ > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com John, The culprit is not X. I performed a reboot and let it sit over night having run no programs. The load average was nailed at 1.00 all night. Here are the process from a fresh reboot, although, it seems some of the command names have been cut off: USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.1 1412 504 ? S Mar28 0:06 init root 2 0.0 0.0 0 0 ? SW Mar28 0:00 [keventd] root 3 0.0 0.0 0 0 ? SW Mar28 0:00 [kapmd] root 4 0.0 0.0 0 0 ? SWN Mar28 0:00 [ksoftirqd_CPU0] root 5 0.0 0.0 0 0 ? SW Mar28 0:00 [kswapd] root 6 0.0 0.0 0 0 ? SW Mar28 0:00 [bdflush] root 7 0.0 0.0 0 0 ? SW Mar28 0:00 [kupdated] root 8 0.0 0.0 0 0 ? SW< Mar28 0:00 [mdrecoveryd] root 11 0.0 0.0 0 0 ? SW Mar28 0:00 [kreiserfsd] root 65 0.0 0.2 1772 908 ? S Mar28 0:00 devfsd /dev root 283 0.0 0.0 0 0 ? SW Mar28 0:00 [pagebuf_daemon] root 614 0.0 0.0 0 0 ? SW Mar28 0:00 [khubd] root 1031 0.0 0.1 1512 596 ? S Mar28 0:01 syslogd -m 0 root 1040 0.0 0.2 2012 1108 ? S Mar28 0:00 klogd -2 daemon 1094 0.0 0.1 1436 496 ? S Mar28 0:00 /usr/sbin/atd root 1217 0.0 0.4 4832 1868 ? S Mar28 0:00 cupsd root 1352 0.0 0.4 4204 1580 ? D Mar28 0:00 /usr/sbin/amd -F root 1392 0.0 0.0 0 0 ? SW Mar28 0:00 [rpciod] rpc 1408 0.0 0.1 1544 532 ? S Mar28 0:00 portmap root 1483 0.0 0.1 1520 636 ? S Mar28 0:00 /usr/sbin/automou root 1499 0.0 0.1 1520 632 ? S Mar28 0:00 /usr/sbin/automou root 1610 0.0 0.1 1452 524 ? S Mar28 0:00 gpm -t imps2 -m / root 1710 0.0 0.1 1620 664 ? S Mar28 0:00 crond xfs 1751 0.0 0.9 4968 3556 ? S Mar28 0:00 xfs -port -1 -dae root 1976 0.0 0.3 2404 1292 tty1 S Mar28 0:00 login -- david root 1977 0.0 0.1 1380 408 tty2 S Mar28 0:00 /sbin/mingetty tt root 1978 0.0 0.1 1380 408 tty3 S Mar28 0:00 /sbin/mingetty tt root 1979 0.0 0.1 1380 408 tty4 S Mar28 0:00 /sbin/mingetty tt root 1980 0.0 0.1 1380 408 tty5 S Mar28 0:00 /sbin/mingetty tt root 1981 0.0 0.1 1380 408 tty6 S Mar28 0:00 /sbin/mingetty tt david 9257 0.5 0.4 2784 1592 vc/1 S 06:17 0:00 -bash david 9291 0.0 0.2 2800 856 vc/1 R 06:18 0:00 ps -aux Also, as Rob suggested, here is the output from vmstat: procs memory swap io system cpu r b w swpd free buff cache si so bi bo in cs us sy id 2 1 0 884 19892 4324 138676 0 0 41 30 115 32 1 0 99 I am not exactly sure how to parse the results... regards, David
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
