Kernel oops+crash on repeated auditd restarts

2012-01-25 Thread Valentin Avram
Hello. Did anybody ever experience kernel oopses and even kernel crashes (after a while), by just restarting repeatedly the auditd daemon? I ask this because I had this problem on Dell R610 servers running Gentoo Linux kernels gentoo-sources-3.0.6 and gentoo-sources-2.6.37-r4 (see this bug:

Re: Kernel oops+crash on repeated auditd restarts

2012-01-25 Thread Valentin Avram
Please read below. On Wed, Jan 25, 2012 at 9:20 PM, Eric Paris epa...@redhat.com wrote: On Wed, 2012-01-25 at 18:45 +0200, Valentin Avram wrote: Did anybody ever experience kernel oopses and even kernel crashes (after a while), by just restarting repeatedly the auditd daemon

Re: Kernel oops+crash on repeated auditd restarts

2012-02-08 Thread Valentin Avram
/0x130 SS:ESP 0068:f2415f90 CR2: 0004 ---[ end trace d10081cf0e5b936c ]--- So far only one oops occurred, however the test server is doing quite nothing right now. I'll install more services, retry and post back here the results. On Thu, Jan 26, 2012 at 9:13 AM, Valentin Avram ava

Re: Kernel oops+crash on repeated auditd restarts

2012-03-05 Thread Valentin Avram
I'm seeing (or everybody's thinking that nobody would restart auditd so often, so the bug is not that serious). Thank you for your time. On Wed, Feb 8, 2012 at 6:11 PM, Valentin Avram ava...@gmail.com wrote: parse_oops.tgz Description: GNU Zip compressed data kernel_config.gz Description

Re: Kernel oops+crash on repeated auditd restarts

2012-03-29 Thread Valentin Avram
significant headaches here at work, but I haven't had a lot of luck. I'm using usermode linux, though, so that might be interfering with things. On Mon, Mar 5, 2012 at 12:35 AM, Valentin Avram ava...@gmail.com wrote: Finally I found some time and spare server to retest the oops

Re: PCI-DSS: Log every root actions/keystrokes but avoid passwords

2012-07-13 Thread Valentin Avram
There is another way we used to pass PCI-DSS. We use an audit rule to log all EXECVE happening on production servers, rsyslog the logs to the remote centralized logs server, then parse the audit logs there using a cron script and rebuild the commands issued on each server by any user id. Hope