Automatically OS becoming Read only mode
 

Hi,

I have two similar PE 6650 systems which has SUSE Linux 9(SLES 9) OS installed. One of the system behaving differently. Other one is stable.
Oracle 10g database is also installed in both server.

The problem in the first server is as follows:

The system sometimes turn into read-only mode which creates almost every problem in the world.
1. The database cannot write anything into the file system. so it stops or closes or crashes.
2. Most of the linux command does not work at all.
3. Cannot shutdown or reboot the system
4. Cannot even read /var/log/message or /var/log/warn file.
5. If I try to create a file anywhere it come up with first message
"E303: Unable to open swap file for "abc", recovery impossible" and while coming out it is showing "E138: Can't write viminfo file /home/oracle/.viminfo!" as I logged in as oracle
6. The file system looks normal.
7. Then the only way I have to do is go to server room and switch off the power and start again which is a very bad thing to do, but I don't have any choice.
8. The possible explanation might me.. "the problem with Hardware", but I am not sure

I need a desperate help here. Thanks in advance for any suggestion, idea, solutions.

Thanks
jekd

Sincerely, this sound like you have been badly rooted (hacked) and that you server is badly compromised. You better boot-up with a live-cd distro (like knoppix) and to find this out _quick_.

I started the system again
 

Thanks for suggestion,

Could you please suggest me to look some suspicious activity in some files.

jekd

once you have booted from a livecd, take a look at your logs, see if you have something weird about SMTP server or HTTP server (these are usually what attackers wants).

If you find out the server is really comproised, backup and reinstall. It's too dangerous to keep this OS, even if you clean it you won't be sure they haven't left a backdoor somewhere in a binary.
And you better update your second server ASAP.