‹‹ 上一主题 | 下一主题 ›› 京沪深80000年薪保证,嵌入式内核开发
发新话题
打印

紧急求救!!Linux AS4 老是DOWN机

cctcc

初来乍到

Rank: 1

注册用户

帖子
10 
精华
0 
积分
在线时间
0 小时 
楼主贴 发表于 2006-7-11 16:00  只看该作者

紧急求救!!Linux AS4 老是DOWN机

服务器安装的是RedHat Linux AS4 ,服务器只开了22,21,3306,80端口,一开始运行挺正常的,不过9号2点和今天2点,服务器都DOWN机了,网络不通,SSH也连接不上,不知是什么原因,急死了:(

求救高手指点!不胜感谢。

附:IPtables配置:
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8090 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT

其中8090是apache端口,不过现在已经不用了。80是开给tomcat用的。      

TOP

Roc.Ken

版主

Rank: 7Rank: 7Rank: 7

帖子
6250 
精华
90 
积分
360 
在线时间
556 小时 
呵呵抢到沙发了 发表于 2006-7-11 19:00  只看该作者
用的是什么内核? 系统日志中有什么错误记录?  /var/log/messages      
Advance Monitor - Linux Monitoring Solution

TOP

cctcc

初来乍到

Rank: 1

注册用户

帖子
10 
精华
0 
积分
在线时间
0 小时 
板凳位置 发表于 2006-7-12 10:46  只看该作者
Linux版本:2.6.9-5.ELsmp #1 SMP Wed Jan 5 19:30:39 EST 2005 i686 i686 i386 GNU/Linux      

TOP

cctcc

初来乍到

Rank: 1

注册用户

帖子
10 
精华
0 
积分
在线时间
0 小时 
委屈了,只有地板 发表于 2006-7-12 10:57  只看该作者
附:9号的日志:

Jul  9 04:02:37 localhost syslogd 1.4.1: restart.
Jul  9 04:02:42 localhost kernel: audit(1152388962.335:0): avc:  denied  { write } for  pid=27354 exe=/usr/sbin/httpd name=mibs dev=dm-0 ino=4114959 scontext=root:system_r:httpd_t tcontext=system_ubject_r:usr_t tclass=dir
Jul  9 04:02:47 localhost crond(pam_unix)[3579]: session closed for user root
Jul  9 04:05:01 localhost crond(pam_unix)[4193]: session opened for user root by (uid=0)
Jul  9 04:05:02 localhost crond(pam_unix)[4193]: session closed for user root
Jul  9 04:10:01 localhost crond(pam_unix)[4195]: session opened for user root by (uid=0)
Jul  9 04:10:01 localhost crond(pam_unix)[4197]: session opened for user root by (uid=0)
Jul  9 04:10:01 localhost crond(pam_unix)[4197]: session closed for user root
Jul  9 04:10:01 localhost crond(pam_unix)[4195]: session closed for user root
Jul  9 04:15:01 localhost crond(pam_unix)[4200]: session opened for user root by (uid=0)
Jul  9 04:15:01 localhost crond(pam_unix)[4200]: session closed for user root
Jul  9 04:20:01 localhost crond(pam_unix)[4202]: session opened for user root by (uid=0)
Jul  9 04:20:01 localhost crond(pam_unix)[4203]: session opened for user root by (uid=0)
Jul  9 04:20:01 localhost crond(pam_unix)[4203]: session closed for user root
Jul  9 04:20:02 localhost crond(pam_unix)[4202]: session closed for user root
Jul  9 04:22:01 localhost crond(pam_unix)[4209]: session opened for user root by (uid=0)
Jul  9 04:24:45 localhost crond(pam_unix)[4209]: session closed for user root
Jul  9 04:25:01 localhost crond(pam_unix)[7157]: session opened for user root by (uid=0)
Jul  9 04:25:02 localhost crond(pam_unix)[7157]: session closed for user root
Jul  9 04:30:01 localhost crond(pam_unix)[7159]: session opened for user root by (uid=0)
Jul  9 04:30:01 localhost crond(pam_unix)[7161]: session opened for user root by (uid=0)
Jul  9 04:30:01 localhost crond(pam_unix)[7161]: session closed for user root
Jul  9 04:30:01 localhost crond(pam_unix)[7159]: session closed for user root
Jul  9 04:35:01 localhost crond(pam_unix)[7164]: session opened for user root by (uid=0)
Jul  9 04:35:01 localhost crond(pam_unix)[7164]: session closed for user root
Jul  9 04:40:01 localhost crond(pam_unix)[7166]: session opened for user root by (uid=0)
Jul  9 04:40:01 localhost crond(pam_unix)[7167]: session opened for user root by (uid=0)
Jul  9 04:40:01 localhost crond(pam_unix)[7167]: session closed for user root
Jul  9 04:40:01 localhost crond(pam_unix)[7166]: session closed for user root
Jul  9 04:45:02 localhost crond(pam_unix)[7174]: session opened for user root by (uid=0)
Jul  9 04:45:02 localhost crond(pam_unix)[7174]: session closed for user root
Jul  9 04:50:01 localhost crond(pam_unix)[7178]: session opened for user root by (uid=0)
Jul  9 04:50:01 localhost crond(pam_unix)[7179]: session opened for user root by (uid=0)
Jul  9 04:50:01 localhost crond(pam_unix)[7179]: session closed for user root
Jul  9 04:50:02 localhost crond(pam_unix)[7178]: session closed for user root
Jul  9 04:55:01 localhost crond(pam_unix)[7183]: session opened for user root by (uid=0)
Jul  9 04:55:01 localhost crond(pam_unix)[7183]: session closed for user root
Jul  9 05:00:01 localhost crond(pam_unix)[7185]: session opened for user root by (uid=0)
Jul  9 05:00:01 localhost crond(pam_unix)[7186]: session opened for user root by (uid=0)
Jul  9 05:00:01 localhost crond(pam_unix)[7186]: session closed for user root
Jul  9 05:00:01 localhost crond(pam_unix)[7185]: session closed for user root
Jul  9 05:01:01 localhost crond(pam_unix)[7190]: session opened for user root by (uid=0)
Jul  9 05:01:01 localhost crond(pam_unix)[7190]: session closed for user root
Jul  9 05:05:01 localhost crond(pam_unix)[7200]: session opened for user root by (uid=0)
Jul  9 05:05:02 localhost crond(pam_unix)[7200]: session closed for user root
Jul  9 05:10:01 localhost crond(pam_unix)[7202]: session opened for user root by (uid=0)
Jul  9 05:10:01 localhost crond(pam_unix)[7204]: session opened for user root by (uid=0)
Jul  9 05:10:01 localhost crond(pam_unix)[7204]: session closed for user root
Jul  9 05:10:01 localhost crond(pam_unix)[7202]: session closed for user root
Jul  9 05:15:01 localhost crond(pam_unix)[7207]: session opened for user root by (uid=0)
Jul  9 05:15:01 localhost crond(pam_unix)[7207]: session closed for user root
Jul  9 05:20:01 localhost crond(pam_unix)[7209]: session opened for user root by (uid=0)
Jul  9 05:20:01 localhost crond(pam_unix)[7211]: session opened for user root by (uid=0)
Jul  9 05:20:01 localhost crond(pam_unix)[7211]: session closed for user root
Jul  9 05:20:02 localhost crond(pam_unix)[7209]: session closed for user root
Jul  9 05:25:01 localhost crond(pam_unix)[7214]: session opened for user root by (uid=0)
Jul  9 05:25:01 localhost crond(pam_unix)[7214]: session closed for user root
Jul  9 05:30:01 localhost crond(pam_unix)[7217]: session opened for user root by (uid=0)
Jul  9 05:30:01 localhost crond(pam_unix)[7216]: session opened for user root by (uid=0)
Jul  9 05:30:01 localhost crond(pam_unix)[7217]: session closed for user root
Jul  9 05:30:01 localhost crond(pam_unix)[7216]: session closed for user root
Jul  9 05:35:01 localhost crond(pam_unix)[7221]: session opened for user root by (uid=0)
Jul  9 05:35:02 localhost crond(pam_unix)[7221]: session closed for user root
Jul  9 05:40:01 localhost crond(pam_unix)[7223]: session opened for user root by (uid=0)
Jul  9 05:40:01 localhost crond(pam_unix)[7224]: session opened for user root by (uid=0)
Jul  9 05:40:01 localhost crond(pam_unix)[7224]: session closed for user root
Jul  9 05:40:01 localhost crond(pam_unix)[7223]: session closed for user root
Jul  9 05:45:01 localhost crond(pam_unix)[7228]: session opened for user root by (uid=0)
Jul  9 05:45:01 localhost crond(pam_unix)[7228]: session closed for user root
Jul  9 05:50:01 localhost crond(pam_unix)[7232]: session opened for user root by (uid=0)
Jul  9 05:50:01 localhost crond(pam_unix)[7234]: session opened for user root by (uid=0)
Jul  9 05:50:01 localhost crond(pam_unix)[7234]: session closed for user root
Jul  9 05:50:02 localhost crond(pam_unix)[7232]: session closed for user root
Jul  9 05:55:01 localhost crond(pam_unix)[7237]: session opened for user root by (uid=0)
Jul  9 05:55:01 localhost crond(pam_unix)[7237]: session closed for user root
Jul  9 06:00:01 localhost crond(pam_unix)[7239]: session opened for user root by (uid=0)
Jul  9 06:00:01 localhost crond(pam_unix)[7241]: session opened for user root by (uid=0)
Jul  9 06:00:01 localhost crond(pam_unix)[7241]: session closed for user root
Jul  9 06:00:01 localhost crond(pam_unix)[7239]: session closed for user root
Jul  9 06:01:01 localhost crond(pam_unix)[7244]: session opened for user root by (uid=0)
Jul  9 06:01:01 localhost crond(pam_unix)[7244]: session closed for user root
Jul  9 06:05:01 localhost crond(pam_unix)[7254]: session opened for user root by (uid=0)
Jul  9 06:05:01 localhost crond(pam_unix)[7254]: session closed for user root
Jul  9 06:10:01 localhost crond(pam_unix)[7256]: session opened for user root by (uid=0)
Jul  9 06:10:01 localhost crond(pam_unix)[7258]: session opened for user root by (uid=0)
Jul  9 06:10:02 localhost crond(pam_unix)[7258]: session closed for user root
Jul  9 06:10:02 localhost crond(pam_unix)[7256]: session closed for user root
Jul  9 06:15:01 localhost crond(pam_unix)[7261]: session opened for user root by (uid=0)
Jul  9 06:15:01 localhost crond(pam_unix)[7261]: session closed for user root
Jul  9 06:20:01 localhost crond(pam_unix)[7263]: session opened for user root by (uid=0)
Jul  9 09:13:25 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Down
Jul  9 09:13:28 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Up 100 Mbps Full Duplex
Jul  9 09:55:04 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Down
Jul  9 09:55:05 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Up 100 Mbps Full Duplex
Jul  9 10:40:07 localhost sshd(pam_unix)[7663]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200  user=cyrus
Jul  9 10:40:11 localhost unix_chkpwd[7667]: check pass; user unknown
Jul  9 10:40:11 localhost sshd(pam_unix)[7665]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:14 localhost unix_chkpwd[7670]: check pass; user unknown
Jul  9 10:40:14 localhost sshd(pam_unix)[7668]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:18 localhost sshd(pam_unix)[7671]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200  user=ftp
Jul  9 10:40:22 localhost unix_chkpwd[7675]: check pass; user unknown
Jul  9 10:40:22 localhost sshd(pam_unix)[7673]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:26 localhost unix_chkpwd[7678]: check pass; user unknown
Jul  9 10:40:26 localhost sshd(pam_unix)[7676]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:30 localhost unix_chkpwd[7681]: check pass; user unknown
Jul  9 10:40:30 localhost sshd(pam_unix)[7679]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200
Jul  9 10:40:34 localhost sshd(pam_unix)[7682]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200  user=postfix
Jul  9 10:40:37 localhost sshd(pam_unix)[7684]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.4.200  user=postgres
Jul  9 10:40:41 localhost unix_chkpwd[7688]: check pass; user unknown
这是一部分,      

TOP

cctcc

初来乍到

Rank: 1

注册用户

帖子
10 
精华
0 
积分
在线时间
0 小时 
5楼 发表于 2006-7-12 11:01  只看该作者
附:9号2点左右DOWN机时的日志
Jul 9 13:44:00 localhost sshd(pam_unix)[9610]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:05 localhost unix_chkpwd[9615]: check pass; user unknown
Jul 9 13:44:05 localhost sshd(pam_unix)[9613]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:11 localhost unix_chkpwd[9618]: check pass; user unknown
Jul 9 13:44:11 localhost sshd(pam_unix)[9616]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:16 localhost unix_chkpwd[9621]: check pass; user unknown
Jul 9 13:44:16 localhost sshd(pam_unix)[9619]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:21 localhost unix_chkpwd[9624]: check pass; user unknown
Jul 9 13:44:21 localhost sshd(pam_unix)[9622]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:26 localhost unix_chkpwd[9627]: check pass; user unknown
Jul 9 13:44:26 localhost sshd(pam_unix)[9625]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:44:31 localhost unix_chkpwd[9630]: check pass; user unknown
Jul 9 13:44:31 localhost sshd(pam_unix)[9628]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.101.26.188
Jul 9 13:45:01 localhost crond(pam_unix)[9631]: session opened for user root by (uid=0)
Jul 9 13:45:02 localhost crond(pam_unix)[9631]: session closed for user root
Jul 9 13:50:01 localhost crond(pam_unix)[9636]: session opened for user root by (uid=0)
Jul 9 13:50:01 localhost crond(pam_unix)[9638]: session opened for user root by (uid=0)
Jul 9 13:50:01 localhost crond(pam_unix)[9638]: session closed for user root
Jul 9 13:50:01 localhost crond(pam_unix)[9636]: session closed for user root
Jul 9 13:55:01 localhost crond(pam_unix)[9641]: session opened for user root by (uid=0)
Jul 9 13:55:02 localhost crond(pam_unix)[9641]: session closed for user root
Jul 9 14:00:01 localhost crond(pam_unix)[9643]: session opened for user root by (uid=0)
Jul 9 14:00:01 localhost crond(pam_unix)[9644]: session opened for user root by (uid=0)
Jul 9 14:00:01 localhost crond(pam_unix)[9644]: session closed for user root
Jul 9 14:00:01 localhost crond(pam_unix)[9643]: session closed for user root
Jul 9 14:01:01 localhost crond(pam_unix)[9648]: session opened for user root by (uid=0)
Jul 9 14:01:01 localhost crond(pam_unix)[9648]: session closed for user root
Jul 9 14:03:19 localhost kernel: e1000: eth0: e1000_watchdog: NIC Link is Down
Jul 9 14:05:01 localhost crond(pam_unix)[9658]: session opened for user root by (uid=0)
Jul 9 14:05:01 localhost crond(pam_unix)[9658]: session closed for user root
Jul 9 14:10:01 localhost crond(pam_unix)[9660]: session opened for user root by (uid=0)
Jul 9 14:10:01 localhost crond(pam_unix)[9661]: session opened for user root by (uid=0)
Jul 9 14:10:01 localhost crond(pam_unix)[9661]: session closed for user root
Jul 9 14:10:02 localhost crond(pam_unix)[9660]: session closed for user root
Jul 9 14:15:01 localhost crond(pam_unix)[9665]: session opened for user root by (uid=0)
Jul 9 14:15:01 localhost crond(pam_unix)[9665]: session closed for user root
Jul 9 14:20:01 localhost crond(pam_unix)[9668]: session opened for user root by (uid=0)
Jul 9 14:20:01 localhost crond(pam_unix)[9667]: session opened for user root by (uid=0)
Jul 9 14:20:01 localhost crond(pam_unix)[9668]: session closed for user root
Jul 9 14:20:01 localhost crond(pam_unix)[9667]: session closed for user root
Jul 9 14:25:01 localhost crond(pam_unix)[9672]: session opened for user root by (uid=0)
Jul 9 14:25:01 localhost crond(pam_unix)[9672]: session closed for user root
Jul 9 14:30:01 localhost crond(pam_unix)[9674]: session opened for user root by (uid=0)
Jul 9 14:30:01 localhost crond(pam_unix)[9676]: session opened for user root by (uid=0)
Jul 9 14:30:02 localhost crond(pam_unix)[9676]: session closed for user root
Jul 9 14:30:02 localhost crond(pam_unix)[9674]: session closed for user root
Jul 9 14:35:01 localhost crond(pam_unix)[9679]: session opened for user root by (uid=0)
Jul 9 14:35:01 localhost crond(pam_unix)[9679]: session closed for user root
Jul 9 14:40:01 localhost crond(pam_unix)[9681]: session opened for user root by (uid=0)
Jul 9 14:40:01 localhost crond(pam_unix)[9682]: session opened for user root by (uid=0)
Jul 9 14:40:01 localhost crond(pam_unix)[9682]: session closed for user root
Jul 9 14:40:01 localhost crond(pam_unix)[9681]: session closed for user root
Jul 9 14:41:38 localhost shutdown: shutting down for system halt
Jul 9 14:41:38 localhost init: Switching to runlevel: 0
Jul 9 14:41:40 localhost cups-config-daemon: cups-config-daemon -TERM succeeded
Jul 9 14:41:40 localhost haldaemon: haldaemon -TERM succeeded
Jul 9 14:41:40 localhost messagebus: messagebus -TERM succeeded
Jul 9 14:41:40 localhost dbus: avc: 3 AV entries and 3/512 buckets used, longest chain length 1
Jul 9 14:41:41 localhost gpm[2381]: *** info [mice.c(1766)]:
Jul 9 14:41:41 localhost gpm[2381]: imps2: Auto-detected intellimouse PS/2
Jul 9 14:41:42 localhost atd: atd shutdown succeeded
Jul 9 14:41:42 localhost cups: cupsd shutdown succeeded
Jul 9 14:41:42 localhost xfs[2486]: terminating
Jul 9 14:41:42 localhost xfs: xfs shutdown succeeded      

TOP

Roc.Ken

版主

Rank: 7Rank: 7Rank: 7

帖子
6250 
精华
90 
积分
360 
在线时间
556 小时 
6楼 发表于 2006-7-13 16:48  只看该作者
Jul 9 14:40:01 localhost crond(pam_unix)[9681]: session closed for user root
Jul 9 14:41:38 localhost shutdown: shutting down for system halt

看起来是用户操作的, 不是内核自己panic的问题.

9号2点, 是凌晨两点?
看似Jul 9 04:02时重启系统, 需要前面的日志.

服务器是不是dell的blade? 升级一下内核吧,用AS4-update3的:https://rhn.redhat.com/errata/rhel4as-errata.html      
Advance Monitor - Linux Monitoring Solution

TOP

‹‹ 上一主题 | 下一主题 ››
发新话题