LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 07-08-2002, 12:18 PM   #1
artman62
Member
 
Registered: Nov 2001
Distribution: Mandrake 8.2
Posts: 97

Rep: Reputation: 15
Unhappy Kernel Panic message


I came in this morning to find my webserver with a blank screen. When I rebooted the system, linux started booting up then halted at this message:

kernel Panic: no init found. Try passing init= option to kernel

When I tried rebooting a couple of times I either get this message or message saying

kernel panic: init failed

followed by a register dump and something about a kernel trace.

Anyone know what causes this and how to get around it?
 
Old 07-08-2002, 02:50 PM   #2
doublefailure
Member
 
Registered: Mar 2002
Location: ma
Distribution: slackware
Posts: 747

Rep: Reputation: 30
i don't know much about kernel..
but most of time i encountered kernel panic

using either Interactive boot(by pressing I)/fail safe mode/cdrom rescue mode
worked out
when u r prompted with fsck ***
just say yes
or
fsck -y /dev/hda
gl
 
Old 07-09-2002, 12:31 AM   #3
zLinuxz
Senior Member
 
Registered: Feb 2002
Location: Shanghai, CHINA
Distribution: RH 5.0,5.1 6.0,6.1 7.0,7.1,7.2,7.3.,8.0,9.0, RH Enterprise, Fedora C1, C2
Posts: 1,216

Rep: Reputation: 45
dude, maybe you got hacked, why don't you boot using the Boot disk which I'm SURE you created when you first installed your linux box??(yeah, right...)
 
Old 07-09-2002, 01:43 AM   #4
trickykid
LQ Guru
 
Registered: Jan 2001
Posts: 24,149

Rep: Reputation: 269Reputation: 269Reputation: 269
What distro are you running ? Try searching the forums here or try performing a search on google. But hopefully you did create a boot disk as this is going to help you get your system restored. If not, most Linux distros allow you to boot and rescue from the cd. And most likely this isn't a cause of a hack, its likely but can happen without a hack as well.

Also you could try passing this at boot:

linux init=/bin/bash

and double check your system, like /etc/fstab and possibly /etc/inittab are there with no goofups.


Last edited by trickykid; 07-09-2002 at 01:47 AM.
 
Old 07-09-2002, 06:15 PM   #5
artman62
Member
 
Registered: Nov 2001
Distribution: Mandrake 8.2
Posts: 97

Original Poster
Rep: Reputation: 15
Thanks for your help

To answer your questions.

Yes, I have a rescue disk. I am using Red Hat Linux 7.1.

I'm pretty sure I got hacked. I am also pretty sure I know who did it. I'll deal with that later.

Anyway, booting from my floppy produces the same results as above. Even if I type linux rescue from the boot: prompt.

I tried booting from the cd. I typed linux rescue from the boot: prompt.
Here are the last 4 lines of the message text:

EXT2-fs warning: mounting unchecked fs, running e2fsck is recommended
VFS: cannot open root device "" or 08:41
Please append a correct root=" boot option
Kernel Panic: VFS: unable to mount root fs on 08:41

I also tried typing linux init=/bin/bash at the boot: prompt with no change in the results.

The redhat docs say that if the /initrd/ directory is missing it will cause a kernel panic message. Yet I have no way of checking this at the moment.

Any other ideas?

Last edited by artman62; 07-09-2002 at 06:16 PM.
 
Old 07-10-2002, 03:07 AM   #6
JaseP
Senior Member
 
Registered: Jun 2002
Location: Eastern PA, USA
Distribution: K/Ubuntu 18.04-14.04, Scientific Linux 6.3-6.4, Android-x86, Pretty much all distros at one point...
Posts: 1,802

Rep: Reputation: 157Reputation: 157
Can you pull the physical hd and insert it in a bootable Linux machine as a secondary hard drive, then run a e2fsck on the root partition???

By the way, with an EXT2 partition, you didn't necessarily get hacked, if you got a brownout, it may have fried your data and nerfed the filesystem. It even happens (rarely) in journelized file systems. I recommend that when you get your file system up, you switch to either EXT3 or resierfs for your boot partition. I hope that also you back up your user data (including the user accounts in which your web hosting is occuring. You should be keeping those partitions seperate, and be backing them up regularly.

The nice thing is that with a reiserfs, you can boot on another media then run a resierfsck --check --rebuild-tree /dev/[device] on the partition (usually a couple of times does the trick). It then rebuilds the file tree for you, based upon the journal.

You can also patch your kernel better by the use of good partitioning, updating newer security features while not loosing data and reducing downtime on your server.
 
Old 07-10-2002, 05:28 AM   #7
trickykid
LQ Guru
 
Registered: Jan 2001
Posts: 24,149

Rep: Reputation: 269Reputation: 269Reputation: 269
Where does your / partition reside at, /dev/hda1, /dev/hda3..etc ?? Have you tried booting passing that at boot time like the init=/bin/bash ?? something like: root=/dev/hda1
 
Old 07-10-2002, 08:49 AM   #8
zLinuxz
Senior Member
 
Registered: Feb 2002
Location: Shanghai, CHINA
Distribution: RH 5.0,5.1 6.0,6.1 7.0,7.1,7.2,7.3.,8.0,9.0, RH Enterprise, Fedora C1, C2
Posts: 1,216

Rep: Reputation: 45
well, of course it's possible that it wasn't a hack...but damn it sounds like it,
 
Old 07-11-2002, 05:48 AM   #9
JaseP
Senior Member
 
Registered: Jun 2002
Location: Eastern PA, USA
Distribution: K/Ubuntu 18.04-14.04, Scientific Linux 6.3-6.4, Android-x86, Pretty much all distros at one point...
Posts: 1,802

Rep: Reputation: 157Reputation: 157
I recently thought I was the victim of a hack as well. What it was, was a fairly reproduceable problem in which I was deleting the cache for konqueror manually, and a version of konqueror still had that object open. The end result was a ghosted file that could not be erased because it really did not exist. If it was a file that the system wanted to re-create each time, it would lead to problems. Each time I tried to run konqueror, it caused a kernel panic. Mozilla worked fine, so I knew it was no problem with the set-up in general. What it was was the cache entries for my home-page, as stored in the kio_http cache was not permitting new files of the same name to be created. It caused the kernel panic and the result was a mess that took a re-install and data shuffling to fix (I didn't know how to use reiserfsck properly at the time).

If the particular file is critical to something the program using it is doing, it can cause a kernel panic. The machine will reboot and you will be left with the same problem again. Doing a tree reconstruct with the appropriate fsck for the file system you are using will likely solve the problem. It will remove the ghosted entry and allow the program or daemon or whatever to re-create the file it was trying to create in the first place. Result,... no kernel panic.

You need to do a complete fsck on the root disk somehow. What is likely your problem is that something is being prevented from being able to write to a particular file and it causes the kernel to go nuts. I find it unlikely that it is a hack attack, although you are using a particularly old installation of Red Hat, and if you haven't done security updates, you MAY have been attacked.

What are you running off of that web server that makes you think you were attacked???

Anyway,...
Mount that file system though some other means (another bootable drive). Then run the fsck appropriate to that file system on it (efsck??), with the right parameters to reconstruct the file system tree. The man pages can show you the correct syntax (i.e. type: man fsck at a console prompt). For the future, make sure you back up critical configuration files to another source once you get it up and running, in case the only solution is a clean re-install.
 
Old 07-15-2002, 11:25 AM   #10
artman62
Member
 
Registered: Nov 2001
Distribution: Mandrake 8.2
Posts: 97

Original Poster
Rep: Reputation: 15
Here is where I'm at.
I tried the drive as a slave drive in my other linux box. I couldn't access it. I couldn't even get it to mount in linux. The computer and bios said there was a drive there, but that was as far as I got.
I tried a couple of linux rescue disks - same results as with the cd and boot disk.
Think it's time to throw in the towel and start over?

Why do I think I was hacked? I didn't have anything on my site that was worth hacking. For that matter, I t was only one page that wasn't even finished. We been having difficulties with a neighboring business, a bunch that would probably not have too much difficulty hacking a system. I'll leave it at that.

While doing all of this I downloaded Mandrake Linux 8.2 and redid my fileserver (with EXT3 partitions) - which also was running Red Hat 7.1. You know, I kind of like Mandrake. Anyway, I am still trying to download the rest of RH 7.3. But I'm getting throughtput on my DSL line of about 9-12 cps. Needless to say it is taking forever.

Thanks for all your help.

Last edited by artman62; 07-15-2002 at 11:38 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Kernel panic message after Fedora 3 Installation raomuppuri Linux - Software 0 06-03-2005 01:40 AM
another kernel panic error message o_0 Linux - General 5 10-05-2004 09:22 PM
Kernel panic message: unable to mount root fs farmerdan Linux - General 3 03-10-2004 08:31 AM
kernel panic error message --What do i do?? :confused: linuxnut2003 Red Hat 7 02-20-2004 10:50 PM
kernel panic message (for dual booting of win2k and 7.3 smurray723 Linux - Newbie 10 11-22-2002 11:16 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 03:27 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration