Hello,
I'm running CentOS 6.8 Final on one of my Linux boxes. I have remote access, not physical. It's installed in Virtuozzo (it's a virtual private server).
I just noticed a 1.6GB file, /root/strace.sec_adv and I'm curious as to what it might be. man strace shows strace is a utility to trace system calls and signals. I believe I've used strace before, on another Linux box, to debug what was causing a segfault in an application. Turns out the segfault then was caused by a file handle being closed after it was already closed.
I'm thinking maybe this file was somehow generated by a program that crashed? Perhaps the system is setup in such a way where when a program crashes, it rights a strace.whatever file, kind of like those Windows dump logs or whatever they're called.
Does anyone know what might have caused this file to be created, what the file actually is, etc? I've tried opening it in nano, but as you could imagine, opening a 1.6GB text file in nano remotely doesn't work so well.
So, I cat the contents and pipe it to more.
There's a whole bunch of no such file or directory messages on the first screen.
The files aren't there, that's for sure. But I don't think they're supposed to be anymore. I have a /usr/local/cpanel/3rdparty/perl/522/lib64/perl5/5.22.1 directory but only the perl5 directory is in the /usr/local/cpanel/3rdparty/perl/522/lib64 directory.
Right now, I'm more interested in trying to figure out how this file got here and what happened. There's been a lot of updates for cPanel lately and they've been restructuring things a bit. I'm thinking maybe a program got updated to point stuff to the new location but the old program was still running and never got killed. Then perhaps it tried accessing the libraries and crashed. What do you guys think?
Thanks.
I'm running CentOS 6.8 Final on one of my Linux boxes. I have remote access, not physical. It's installed in Virtuozzo (it's a virtual private server).
I just noticed a 1.6GB file, /root/strace.sec_adv and I'm curious as to what it might be. man strace shows strace is a utility to trace system calls and signals. I believe I've used strace before, on another Linux box, to debug what was causing a segfault in an application. Turns out the segfault then was caused by a file handle being closed after it was already closed.
I'm thinking maybe this file was somehow generated by a program that crashed? Perhaps the system is setup in such a way where when a program crashes, it rights a strace.whatever file, kind of like those Windows dump logs or whatever they're called.
Does anyone know what might have caused this file to be created, what the file actually is, etc? I've tried opening it in nano, but as you could imagine, opening a 1.6GB text file in nano remotely doesn't work so well.
So, I cat the contents and pipe it to more.
Code:
cat /root/strace.sec_adv | more 10803 execve("/usr/local/cpanel/scripts/check_security_advice_changes", ["/usr/local/cpanel/scripts/check_security_advice_changes"], [/* 27 vars */]) = 0 10803 brk(0) = 0x1252000 10803 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7cf1743000 10803 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) 10803 open("/usr/local/cpanel/3rdparty/perl/522/lib64/tls/x86_64/libgdbm.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) ...
The files aren't there, that's for sure. But I don't think they're supposed to be anymore. I have a /usr/local/cpanel/3rdparty/perl/522/lib64/perl5/5.22.1 directory but only the perl5 directory is in the /usr/local/cpanel/3rdparty/perl/522/lib64 directory.
Right now, I'm more interested in trying to figure out how this file got here and what happened. There's been a lot of updates for cPanel lately and they've been restructuring things a bit. I'm thinking maybe a program got updated to point stuff to the new location but the old program was still running and never got killed. Then perhaps it tried accessing the libraries and crashed. What do you guys think?
Thanks.
Comment