Well after over 6 months of uptime, one of our servers crashed this morning. This is a readhat 9 system running the 2.6.2 kernel with apache, php, sshd, proftpd (all the most current versions). When I checked the server this AM, it had some kernel error on the screen that ended with:
Code:
Unable to handle kernel paging request at virtual address 2e7365d8
printing eip:
c0114a3f
#pde = 0000000000
It took me a few reboots to finally get the system back up. When I would reboot, it would get the dreaded long-beep-three-short-beeps beep code. At one point when I rebooted, it kernel paniced half way through the boot process with:
Code:
Code: 00 ba 05 00 00 00 8d 7d b4 8d 75 b4 fc 89 d1 f3 ab b8 00 e0
Kernel panic: attempted to kill init!
I even tried booting into the stock kernel to see if that helped, but it didn't. I did some googling for the first message, and it looks to be memory related (which would reinforce the BIOS beep code I heard). So right now I'm thinking hardware failure with the memory.
When I did finally get the system back up, I started checking over logs. No unusual activity in syslog. Only thing in /var/log/secure was these damned brutessh attempts. I performed a tripwire integrity check and it said all was well. All user passwords are good ones (e.g. non-dictionary, alphanumeric). No dead login accounts lying around. Anything else I should check?
Also, I don't know where to find logs of the kernel crashes. /var/log/messages only has normal activity until the final successful reboot, i.e. there aren't any log messages from the failed boot attempts. Same with /var/log/boot.log. Would there be any logs from these attempts?
Any comments/questions are welcome at this point.
