Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
We use DB2 on Redhat. An instance of DB2 was running and then died unexpectedly for seemingly no reason. The DB2 support person told us that the reason the instance died was because a kill -9 was issued against a db2 process. I've searched all of the user's history files and was not able to find the issuer. Is there any way to track down a kill -9 issuance from the past few days on the system?
Distribution: BeOS, BSD, Caldera, CTOS, Debian, LFS, Mac, Mandrake, Red Hat, Slackware, Solaris, SuSE
Posts: 1,761
Rep:
Intresting, how did the DB2 support person know kill -9 was issued since you can't find it in the users command history files? The system log files are usually located in /var/log or /var/adm. I don't recall any typical system log file recording user commands other than a service starting/stopping. Finding when the process was logged as stopped might help to narrow down your search?
It wasn't difficult to find in the db2diag.log file:
2007-10-31-23.24.50.920652-240 E6455446G877 LEVEL: Severe
PID : 22016 TID : 3086423744 PROC : db2gds 0
INSTANCE: expinst1 NODE : 000
FUNCTION: DB2 UDB, oper system services, sqloEDUSIGCHLDHandler, probe:50
DATA #1 : <preformatted>
Detected the death of an EDU with process id 22565
The signal number that terminated this process was 9
Look for trap files (t22565.*) in the dump directory
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.