记录日志:腾讯云服务器遭遇挖矿病毒 清除操作日志
作者:互联网
12月16日下午16时许
在腾讯云服务器上部署项目时,不管项目有没有上线,原本已经启动的 tomcat 都会因非正常原因断开连接并退出。
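多次重新启动 tomcat,发现每次都会非正常关闭;查看服务器,CPU 使用率奇高无比,最高的时候一度达到 97% 的占用率,并发现有不明进程正在运行。百度一下发现是挖矿病毒,而且还是两种。这里记录一下操作日志,方便以后再次清除。需要注意的是,从下面的输出看,进程被 kill 之后会换一个名字或 PID 重新出现,日志末尾的 top 里 kdevtmpfsi 和 networkservice 仍在运行,说明这份记录只清掉了部分文件,还没有根除。另外 redis-server 监听在 0.0.0.0:6379,kinsing 和 kdevtmpfsi 都挂在 redisd.service 的 CGroup 下,/var/spool/cron 里还出现了 dump.rdb、red2.so,入侵入口很可能是对外开放的 Redis;清理时还应排查定时任务等持久化项,并限制 Redis 的访问(绑定内网地址、设置密码)。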
[root@VM-0-6-centos bin]# top -H
top - 16:57:21 up 2 days, 1:57, 1 user, load average: 1.80, 1.24, 1.58
Threads: 172 total, 5 running, 167 sleeping, 0 stopped, 0 zombie
%Cpu(s): 92.0 us, 5.6 sy, 2.3 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 1882192 total, 558396 free, 1077448 used, 246348 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 659916 avail Mem
Unknown command - try 'h' for help
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
15631 root 20 0 712076 1624 880 R 44.4 0.1 1:15.56 kdevtmpfsi39587
14352 nobody 30 10 162640 26024 416 S 3.0 1.4 0:29.97 networkservice
14354 nobody 30 10 162640 26024 416 S 2.6 1.4 0:28.77 networkservice
14401 nobody 30 10 162640 26024 416 S 2.6 1.4 0:23.59 networkservice
15148 nobody 30 10 162640 26024 416 R 1.3 1.4 0:20.37 networkservice
14351 nobody 30 10 162640 26024 416 S 0.3 1.4 0:07.77 networkservice
15581 root 20 0 162064 2340 1596 R 0.3 0.1 0:00.38 top
1 root 20 0 43448 2764 1508 S 0.0 0.1 0:04.44 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.25 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 S 0.0 0.0 0:39.11 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.28 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.41 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:00.95 kauditd
[1]+ Stopped top -H
[root@VM-0-6-centos bin]# top -H
top - 16:57:37 up 2 days, 1:57, 1 user, load average: 1.18, 1.31, 1.60
Threads: 175 total, 5 running, 169 sleeping, 1 stopped, 0 zombie
%Cpu(s): 92.0 us, 5.0 sy, 2.7 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 st
KiB Mem : 1882192 total, 555896 free, 1079872 used, 246424 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 657488 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
15631 root 20 0 712076 1624 880 R 44.9 0.1 1:22.81 kdevtmpfsi39587
14352 nobody 30 10 162640 26024 416 S 2.7 1.4 0:30.42 networkservice
14401 nobody 30 10 162640 26024 416 S 2.7 1.4 0:24.05 networkservice
14354 nobody 30 10 162640 26024 416 R 1.7 1.4 0:28.82 networkservice
15148 nobody 30 10 162640 26024 416 S 1.0 1.4 0:20.81 networkservice
14351 nobody 30 10 162640 26024 416 S 0.3 1.4 0:07.85 networkservice
1 root 20 0 43448 2764 1508 S 0.0 0.1 0:04.44 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.25 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 R 0.0 0.0 0:39.12 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.28 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.41 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:00.95 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
[2]+ Stopped top -H
[root@VM-0-6-centos bin]# ps -ef|kdevtmpfsi39587
-bash: kdevtmpfsi39587: command not found
[root@VM-0-6-centos bin]# ps -ef|grep kdevtmpfsi39587
root 15591 1 40 16:54 ? 00:01:32 /tmp/kdevtmpfsi395879277
root 15778 14789 0 16:57 pts/0 00:00:00 grep --color=auto kdevtmpfsi39587
[root@VM-0-6-centos bin]# top -H
top - 17:01:45 up 2 days, 2:01, 1 user, load average: 1.75, 1.17, 1.48
Threads: 172 total, 5 running, 165 sleeping, 2 stopped, 0 zombie
%Cpu(s): 66.7 us, 33.0 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 st
KiB Mem : 1882192 total, 296720 free, 1091392 used, 494080 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 643808 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
15631 root 20 0 712076 1624 880 R 25.5 0.1 3:08.78 kdevtmpfsi39587
17582 nobody 20 0 75168 22680 412 S 21.5 1.2 0:01.62 networkservice
17233 nobody 20 0 75168 22680 412 R 14.2 1.2 0:05.67 networkservice
17237 nobody 20 0 75168 22680 412 S 9.3 1.2 0:04.12 networkservice
17234 nobody 20 0 75168 22680 412 S 2.6 1.2 0:00.80 networkservice
10545 mysql 20 0 1357216 392496 976 R 0.3 20.9 0:20.05 mysqld
17579 root 20 0 162064 2352 1596 R 0.3 0.1 0:00.04 top
1 root 20 0 43448 3292 2036 S 0.0 0.2 0:04.46 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.27 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 R 0.0 0.0 0:39.19 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.28 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.45 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:00.95 kauditd
[root@VM-0-6-centos bin]# ps -ef|grep networkservice
nobody 17233 1 23 17:00 ? 00:00:21 /etc/networkservice
root 17617 14789 0 17:01 pts/0 00:00:00 grep --color=auto networkservice
[root@VM-0-6-centos bin]# kill -9 17233
[root@VM-0-6-centos bin]# kill -9 15631
[root@VM-0-6-centos bin]# top -H
top - 17:05:55 up 2 days, 2:05, 1 user, load average: 1.75, 1.25, 1.62
Threads: 173 total, 3 running, 168 sleeping, 2 stopped, 0 zombie
%Cpu(s): 97.3 us, 2.7 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 1882192 total, 310260 free, 1075940 used, 495992 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 659432 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
17710 root 20 0 515468 1616 864 R 76.7 0.1 1:27.30 kdevtmpfsi18749
17665 root 20 0 0 0 0 S 0.3 0.0 0:00.01 kworker/0:0
1 root 20 0 43448 3376 2120 S 0.0 0.2 0:04.46 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.29 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 S 0.0 0.0 0:39.24 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.28 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.46 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:00.96 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
241 root 0 -20 0 0 0 S 0.0 0.0 0:03.69 kworker/0:1H
246 root 0 -20 0 0 0 S 0.0 0.0 0:00.03 ata_sff
250 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_0
251 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 scsi_tmf_0
[3]+ Stopped top -H
[root@VM-0-6-centos bin]# ps -ef|grep kdevtmpfsi18749
root 17699 1 88 17:04 ? 00:01:33 /tmp/kdevtmpfsi187492391
root 19450 14789 0 17:06 pts/0 00:00:00 grep --color=auto kdevtmpfsi18749
[root@VM-0-6-centos bin]# cd /var/spool/cron
[root@VM-0-6-centos cron]# ls
admin apache backup.db crontab dump.rdb kinsingBYE57dMI5C kinsingtQIMxfptl0 nginx nobody red2.so redis root tomcat user web www www-data zzh
[root@VM-0-6-centos cron]# rm -rf apache
[root@VM-0-6-centos cron]# rm -rf nobody
[root@VM-0-6-centos cron]# rm -rf root
[root@VM-0-6-centos cron]# rm -rf www
[root@VM-0-6-centos cron]# chattr -i sysupdate
-bash: chattr: command not found
[root@VM-0-6-centos cron]# rm -rf sysupdate
[root@VM-0-6-centos cron]# cd /tmp
[root@VM-0-6-centos tmp]# ls
kdevtmpfsi redis2
[root@VM-0-6-centos tmp]# chattr -i kdevtmpfis
-bash: chattr: command not found
[root@VM-0-6-centos tmp]# chattr -i kdevtmpfsi
-bash: chattr: command not found
[root@VM-0-6-centos tmp]# chattr -i kdevtmpfsi
-bash: chattr: command not found
[root@VM-0-6-centos tmp]# rm -rf kdevtmpfsi
rm: cannot remove ‘kdevtmpfsi’: Operation not permitted
[root@VM-0-6-centos tmp]# lsattr
----i--------e-- ./kdevtmpfsi
----i--------e-- ./redis2
[root@VM-0-6-centos tmp]# chattr -i .user.ini
-bash: chattr: command not found
[root@VM-0-6-centos tmp]# chattr -i ./kdevtmpfsi
-bash: chattr: command not found
[root@VM-0-6-centos tmp]# chattr -i ----i--------e-- ./kdevtmpfsi
-bash: chattr: command not found
[root@VM-0-6-centos tmp]# chattr -e ./^C
[root@VM-0-6-centos tmp]# chattr -e ./kdevtmpfsi
-bash: chattr: command not found
[root@VM-0-6-centos tmp]# chattr -i zigw
-bash: chattr: command not found
[root@VM-0-6-centos tmp]# lsattr kdevtmpfsi
----i--------e-- kdevtmpfsi
[root@VM-0-6-centos tmp]# top -H
top - 17:17:37 up 2 days, 2:17, 1 user, load average: 1.07, 1.93, 1.84
Threads: 172 total, 5 running, 164 sleeping, 3 stopped, 0 zombie
%Cpu(s): 92.0 us, 5.6 sy, 2.3 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 1882192 total, 281676 free, 1097448 used, 503068 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 637660 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
17710 root 20 0 515468 1616 864 R 44.4 0.1 6:43.06 kdevtmpfsi18749
19397 nobody 30 10 153384 30072 416 S 3.3 1.6 0:15.81 networkservice
19429 nobody 30 10 153384 30072 416 R 3.3 1.6 0:15.48 networkservice
19427 nobody 30 10 153384 30072 416 R 3.0 1.6 0:01.91 networkservice
19426 nobody 30 10 153384 30072 416 R 0.3 1.6 0:03.26 networkservice
1 root 20 0 43448 3376 2120 S 0.0 0.2 0:04.48 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.31 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 S 0.0 0.0 0:39.44 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.28 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.47 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:00.96 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
241 root 0 -20 0 0 0 S 0.0 0.0 0:03.70 kworker/0:1H
[4]+ Stopped top -H
[root@VM-0-6-centos tmp]# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1244/sshd
tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN 1330/redis-server *
tcp6 0 0 :::31458 :::* LISTEN 10901/./kinsingtQIM
tcp6 0 0 :::33060 :::* LISTEN 10400/mysqld
tcp6 0 0 :::3306 :::* LISTEN 10400/mysqld
tcp6 0 0 :::6379 :::* LISTEN 1330/redis-server *
[root@VM-0-6-centos tmp]# netstat -ntulp |grep 31458
tcp6 0 0 :::31458 :::* LISTEN 10901/./kinsingtQIM
[root@VM-0-6-centos tmp]# rm -rf kdevtmpfsi
rm: cannot remove ‘kdevtmpfsi’: Operation not permitted
[root@VM-0-6-centos tmp]# top -H
top - 17:28:34 up 2 days, 2:28, 1 user, load average: 1.92, 1.86, 1.86
Threads: 173 total, 5 running, 164 sleeping, 4 stopped, 0 zombie
%Cpu(s): 92.3 us, 5.0 sy, 2.7 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 1882192 total, 279468 free, 1097088 used, 505636 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 637564 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
17710 root 20 0 515468 1616 864 R 44.7 0.1 11:37.59 kdevtmpfsi18749
19397 nobody 30 10 154444 30592 416 R 3.3 1.6 0:32.48 networkservice
19427 nobody 30 10 154444 30592 416 S 3.3 1.6 0:16.85 networkservice
19472 nobody 30 10 154444 30592 416 S 2.3 1.6 0:29.63 networkservice
19429 nobody 30 10 154444 30592 416 S 0.7 1.6 0:31.33 networkservice
20146 root 20 0 162064 2352 1596 R 0.7 0.1 0:00.02 top
1330 root 20 0 142504 2932 1144 S 0.3 0.2 2:01.08 redis-server
19426 nobody 30 10 154444 30592 416 R 0.3 1.6 0:06.62 networkservice
1 root 20 0 43448 3376 2120 S 0.0 0.2 0:04.49 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.33 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 S 0.0 0.0 0:39.63 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.28 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.47 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
[5]+ Stopped top -H
[root@VM-0-6-centos tmp]# systemctl status 17710
● redisd.service - SYSV: Redis is a persistent key-value database
Loaded: loaded (/etc/rc.d/init.d/redisd; bad; vendor preset: disabled)
Active: active (running) since Mon 2020-12-14 15:00:25 CST; 2 days ago
Docs: man:systemd-sysv-generator(8)
Process: 1269 ExecStart=/etc/rc.d/init.d/redisd start (code=exited, status=0/SUCCESS)
CGroup: /system.slice/redisd.service
├─ 1330 /usr/local/bin/redis-server *:6379
├─10901 ./kinsingtQIMxfptl0
└─17699 /tmp/kdevtmpfsi187492391
Dec 14 15:00:25 VM-0-6-centos systemd[1]: Starting SYSV: Redis is a persistent key-value database...
Dec 14 15:00:25 VM-0-6-centos redisd[1269]: Starting Redis server...
Dec 14 15:00:25 VM-0-6-centos redisd[1269]: 1274:C 14 Dec 15:00:25.839 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
Dec 14 15:00:25 VM-0-6-centos redisd[1269]: 1274:C 14 Dec 15:00:25.839 # Redis version=4.0.6, bits=64, commit=00000000, modified=0, pid=1274, just started
Dec 14 15:00:25 VM-0-6-centos redisd[1269]: 1274:C 14 Dec 15:00:25.839 # Configuration loaded
Dec 14 15:00:25 VM-0-6-centos systemd[1]: Started SYSV: Redis is a persistent key-value database.
[root@VM-0-6-centos tmp]# kill kdevtmpfsi
-bash: kill: kdevtmpfsi: arguments must be process or job IDs
[root@VM-0-6-centos tmp]# kill -9 17710
[root@VM-0-6-centos tmp]# top -H
top - 17:31:27 up 2 days, 2:31, 1 user, load average: 1.59, 1.73, 1.81
Threads: 167 total, 4 running, 158 sleeping, 5 stopped, 0 zombie
%Cpu(s): 82.5 us, 11.9 sy, 5.3 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 st
KiB Mem : 1882192 total, 74388 free, 1097344 used, 710460 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 638952 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
19427 nobody 30 10 154444 31052 416 R 7.6 1.6 0:21.23 networkservice
19472 nobody 30 10 154444 31052 416 S 5.6 1.6 0:33.03 networkservice
19397 nobody 30 10 154444 31052 416 S 3.0 1.6 0:37.37 networkservice
19426 nobody 30 10 154444 31052 416 R 1.0 1.6 0:07.57 networkservice
19429 nobody 30 10 154444 31052 416 S 0.3 1.6 0:35.49 networkservice
20205 root 20 0 162064 2356 1608 R 0.3 0.1 0:00.03 top
1 root 20 0 43448 3468 2180 S 0.0 0.2 0:04.50 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.33 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 R 0.0 0.0 0:39.68 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.33 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.47 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:00.97 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
[6]+ Stopped top -H
[root@VM-0-6-centos tmp]# kill -9 19427
[root@VM-0-6-centos tmp]# kill -9 19472
-bash: kill: (19472) - No such process
[root@VM-0-6-centos tmp]# kill -9 19397
-bash: kill: (19397) - No such process
[root@VM-0-6-centos tmp]# top -H
top - 17:33:08 up 2 days, 2:32, 1 user, load average: 1.07, 1.16, 1.60
Threads: 174 total, 4 running, 164 sleeping, 6 stopped, 0 zombie
%Cpu(s):100.0 us, 0.0 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 1882192 total, 83416 free, 1080664 used, 718112 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 655848 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
20253 root 20 0 712076 1620 872 R 49.5 0.1 0:24.23 kdevtmpfsi45376
9 root 20 0 0 0 0 R 0.3 0.0 0:39.70 rcu_sched
1330 root 20 0 142504 2932 1144 S 0.3 0.2 2:01.26 redis-server
10545 mysql 20 0 1357216 392556 1036 S 0.3 20.9 0:22.05 mysqld
1 root 20 0 43448 3468 2180 S 0.0 0.2 0:04.50 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.34 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.33 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.47 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:00.97 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
241 root 0 -20 0 0 0 S 0.0 0.0 0:03.71 kworker/0:1H
246 root 0 -20 0 0 0 S 0.0 0.0 0:00.03 ata_sff
250 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_0
[7]+ Stopped top -H
[root@VM-0-6-centos tmp]# sudo find / -name kdevtmpfsi*
find: paths must precede expression: kdevtmpfsi453765361
Usage: find [-H] [-L] [-P] [-Olevel] [-D help|tree|search|stat|rates|opt|exec] [path...] [expression]
[root@VM-0-6-centos tmp]# sudo rm -rf ...
[root@VM-0-6-centos tmp]# sudo find / -name kinsing*
^Z
[8]+ Stopped sudo find / -name kinsing*
[root@VM-0-6-centos tmp]# sudo rm -rf ...
[root@VM-0-6-centos tmp]# ps -aux | grep kinsing
root 10901 0.0 0.9 718464 18764 ? Sl Dec14 0:16 ./kinsingtQIMxfptl0
root 20287 0.0 0.2 243304 4636 pts/0 T 17:33 0:00 sudo find / -name kinsing*
root 20288 1.8 0.0 120156 1364 pts/0 T 17:33 0:00 find / -name kinsing*
root 21979 0.0 0.0 112712 968 pts/0 R+ 17:34 0:00 grep --color=auto kinsing
[root@VM-0-6-centos tmp]# kill -9 10901
[root@VM-0-6-centos tmp]# kill -9 243304
-bash: kill: (243304) - No such process
[root@VM-0-6-centos tmp]# ps -aux | grep kinsing
root 20287 0.0 0.2 243304 4636 pts/0 T 17:33 0:00 sudo find / -name kinsing*
root 20288 1.2 0.0 120156 1364 pts/0 T 17:33 0:00 find / -name kinsing*
root 21997 0.0 0.0 112712 968 pts/0 R+ 17:34 0:00 grep --color=auto kinsing
[root@VM-0-6-centos tmp]# kill -9 20287
[root@VM-0-6-centos tmp]# kill -9 20288
-bash: kill: (20288) - No such process
[8]+ Killed sudo find / -name kinsing*
[root@VM-0-6-centos tmp]# ps -aux | grep kinsing
root 22002 0.0 0.0 112712 964 pts/0 R+ 17:35 0:00 grep --color=auto kinsing
[root@VM-0-6-centos tmp]# kill -9 22002
-bash: kill: (22002) - No such process
[root@VM-0-6-centos tmp]# top -H
top - 17:37:13 up 2 days, 2:36, 1 user, load average: 1.53, 1.37, 1.59
Threads: 176 total, 7 running, 162 sleeping, 7 stopped, 0 zombie
%Cpu(s): 92.1 us, 5.0 sy, 2.6 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 st
KiB Mem : 1882192 total, 84656 free, 1078008 used, 719528 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 651192 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
20253 root 20 0 712076 1620 872 R 44.7 0.1 2:08.09 kdevtmpfsi45376
21971 nobody 30 10 147844 21728 416 S 3.3 1.2 0:02.00 networkservice
21941 nobody 30 10 147844 21728 416 R 2.6 1.2 0:03.42 networkservice
21998 nobody 30 10 147844 21728 416 R 2.6 1.2 0:03.53 networkservice
21970 nobody 30 10 147844 21728 416 R 0.7 1.2 0:00.60 networkservice
10525 mysql 20 0 1357216 392556 1036 S 0.3 20.9 0:00.23 mysqld
1 root 20 0 43448 3468 2180 S 0.0 0.2 0:04.51 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.35 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 R 0.0 0.0 0:39.76 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.34 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.47 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:00.97 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
[root@VM-0-6-centos tmp]# find / -name kdevtmpfsi
/tmp/kdevtmpfsi
[root@VM-0-6-centos tmp]# rm -f kdevtmpfsi
rm: cannot remove ‘kdevtmpfsi’: Operation not permitted
[root@VM-0-6-centos tmp]# lsattr kdevtmpfsi
----i--------e-- kdevtmpfsi
[root@VM-0-6-centos tmp]# chattr -i kdevtmpfsi
-bash: chattr: command not found
[root@VM-0-6-centos tmp]# find -name chattr
[root@VM-0-6-centos tmp]# man chattr
[8]+ Stopped man chattr
[root@VM-0-6-centos tmp]# lsattr kdevtmpfsi
----i--------e-- kdevtmpfsi
[root@VM-0-6-centos tmp]# ll
total 3892
-rw-r--r-- 1 nobody nobody 487 Dec 16 17:35 500_og
-rwxr-xr-x 1 root root 2 Nov 11 17:45 kdevtmpfsi
-rwx--x--x 1 root root 3930448 Dec 16 17:31 kdevtmpfsi453765361
-rwxr-xr-x 1 nobody nobody 37659 Dec 16 17:33 kow968kd
-rw-r--r-- 1 root root 2 Nov 11 17:45 redis2
[root@VM-0-6-centos tmp]# ll
total 8
-rwxr-xr-x 1 root root 2 Nov 11 17:45 kdevtmpfsi
-rw-r--r-- 1 root root 2 Nov 11 17:45 redis2
[root@VM-0-6-centos tmp]# chattr -i redis2
-bash: chattr: command not found
[root@VM-0-6-centos tmp]# yum -y install e2fsprogs
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
epel | 4.7 kB 00:00:00
extras | 2.9 kB 00:00:00
mysql-connectors-community | 2.6 kB 00:00:00
mysql-tools-community | 2.6 kB 00:00:00
mysql80-community | 2.6 kB 00:00:00
os | 3.6 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/5): extras/7/x86_64/primary_db | 222 kB 00:00:00
(2/5): epel/7/x86_64/updateinfo | 1.0 MB 00:00:00
(3/5): os/7/x86_64/primary_db | 6.1 MB 00:00:00
(4/5): updates/7/x86_64/primary_db | 3.7 MB 00:00:01
(5/5): epel/7/x86_64/primary_db | 6.9 MB 00:00:01
Resolving Dependencies
--> Running transaction check
---> Package e2fsprogs.x86_64 0:1.42.9-17.el7 will be updated
---> Package e2fsprogs.x86_64 0:1.42.9-19.el7 will be an update
--> Processing Dependency: libss = 1.42.9-19.el7 for package: e2fsprogs-1.42.9-19.el7.x86_64
--> Processing Dependency: libcom_err(x86-64) = 1.42.9-19.el7 for package: e2fsprogs-1.42.9-19.el7.x86_64
--> Processing Dependency: e2fsprogs-libs(x86-64) = 1.42.9-19.el7 for package: e2fsprogs-1.42.9-19.el7.x86_64
--> Running transaction check
---> Package e2fsprogs-libs.x86_64 0:1.42.9-17.el7 will be updated
---> Package e2fsprogs-libs.x86_64 0:1.42.9-19.el7 will be an update
---> Package libcom_err.x86_64 0:1.42.9-17.el7 will be updated
--> Processing Dependency: libcom_err(x86-64) = 1.42.9-17.el7 for package: libcom_err-devel-1.42.9-17.el7.x86_64
---> Package libcom_err.x86_64 0:1.42.9-19.el7 will be an update
---> Package libss.x86_64 0:1.42.9-17.el7 will be updated
---> Package libss.x86_64 0:1.42.9-19.el7 will be an update
--> Running transaction check
---> Package libcom_err-devel.x86_64 0:1.42.9-17.el7 will be updated
---> Package libcom_err-devel.x86_64 0:1.42.9-19.el7 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
========================================================================================================================================================================
Package Arch Version Repository Size
========================================================================================================================================================================
Updating:
e2fsprogs x86_64 1.42.9-19.el7 os 701 k
Updating for dependencies:
e2fsprogs-libs x86_64 1.42.9-19.el7 os 168 k
libcom_err x86_64 1.42.9-19.el7 os 42 k
libcom_err-devel x86_64 1.42.9-19.el7 os 32 k
libss x86_64 1.42.9-19.el7 os 47 k
Transaction Summary
========================================================================================================================================================================
Upgrade 1 Package (+4 Dependent packages)
Total download size: 990 k
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/5): e2fsprogs-libs-1.42.9-19.el7.x86_64.rpm | 168 kB 00:00:00
(2/5): libcom_err-1.42.9-19.el7.x86_64.rpm | 42 kB 00:00:00
(3/5): libcom_err-devel-1.42.9-19.el7.x86_64.rpm | 32 kB 00:00:00
(4/5): libss-1.42.9-19.el7.x86_64.rpm | 47 kB 00:00:00
(5/5): e2fsprogs-1.42.9-19.el7.x86_64.rpm | 701 kB 00:00:00
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 2.4 MB/s | 990 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : libcom_err-1.42.9-19.el7.x86_64 1/10
Updating : e2fsprogs-libs-1.42.9-19.el7.x86_64 2/10
Updating : libss-1.42.9-19.el7.x86_64 3/10
Updating : e2fsprogs-1.42.9-19.el7.x86_64 4/10
Updating : libcom_err-devel-1.42.9-19.el7.x86_64 5/10
Cleanup : e2fsprogs-1.42.9-17.el7.x86_64 6/10
Cleanup : libcom_err-devel-1.42.9-17.el7.x86_64 7/10
Cleanup : e2fsprogs-libs-1.42.9-17.el7.x86_64 8/10
Cleanup : libss-1.42.9-17.el7.x86_64 9/10
Cleanup : libcom_err-1.42.9-17.el7.x86_64 10/10
Verifying : e2fsprogs-libs-1.42.9-19.el7.x86_64 1/10
Verifying : libcom_err-1.42.9-19.el7.x86_64 2/10
Verifying : e2fsprogs-1.42.9-19.el7.x86_64 3/10
Verifying : libcom_err-devel-1.42.9-19.el7.x86_64 4/10
Verifying : libss-1.42.9-19.el7.x86_64 5/10
Verifying : libss-1.42.9-17.el7.x86_64 6/10
Verifying : e2fsprogs-libs-1.42.9-17.el7.x86_64 7/10
Verifying : e2fsprogs-1.42.9-17.el7.x86_64 8/10
Verifying : libcom_err-1.42.9-17.el7.x86_64 9/10
Verifying : libcom_err-devel-1.42.9-17.el7.x86_64 10/10
Updated:
e2fsprogs.x86_64 0:1.42.9-19.el7
Dependency Updated:
e2fsprogs-libs.x86_64 0:1.42.9-19.el7 libcom_err.x86_64 0:1.42.9-19.el7 libcom_err-devel.x86_64 0:1.42.9-19.el7 libss.x86_64 0:1.42.9-19.el7
Complete!
[root@VM-0-6-centos tmp]# chattr -i redis2
[root@VM-0-6-centos tmp]# chattr -e redis2
[root@VM-0-6-centos tmp]# chattr -i redis2
[root@VM-0-6-centos tmp]# rm -rf kdevtmpfsi
rm: cannot remove ‘kdevtmpfsi’: Operation not permitted
[root@VM-0-6-centos tmp]# rm -rf redis2
[root@VM-0-6-centos tmp]# chattr -i kdevtmpfsi
[root@VM-0-6-centos tmp]# chattr -e kdevtmpfsi
[root@VM-0-6-centos tmp]# rm -rf kdevtmpfis
[root@VM-0-6-centos tmp]# rm -rf kdevtmpfsi
[root@VM-0-6-centos tmp]# t
Usage: t [-RVf] [-+=aAcCdDeijsStTu] [-v version] files...
[root@VM-0-6-centos tmp]# top -H
top - 17:51:17 up 2 days, 2:51, 1 user, load average: 1.94, 1.86, 1.74
Threads: 174 total, 9 running, 156 sleeping, 9 stopped, 0 zombie
%Cpu(s): 90.8 us, 5.9 sy, 3.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 st
KiB Mem : 1882192 total, 173264 free, 1081460 used, 627468 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 640852 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
20253 root 20 0 712076 1620 872 R 44.5 0.1 8:24.16 kdevtmpfsi45376
21998 nobody 30 10 152072 27184 416 R 4.0 1.4 0:20.15 networkservice
21941 nobody 30 10 152072 27184 416 S 2.7 1.4 0:13.45 networkservice
21973 nobody 30 10 152072 27184 416 R 2.3 1.4 0:18.18 networkservice
21970 nobody 30 10 152072 27184 416 R 0.7 1.4 0:05.01 networkservice
1330 root 20 0 142504 2932 1144 R 0.3 0.2 2:01.95 redis-server
1 root 20 0 43448 3468 2180 S 0.0 0.2 0:04.52 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.37 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 R 0.0 0.0 0:40.00 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.41 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.48 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:00.97 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
[9]+ Stopped top -H
[root@VM-0-6-centos tmp]# kill -9 20253
[root@VM-0-6-centos tmp]# kill -9 21998
[root@VM-0-6-centos tmp]# kill -9 21941
-bash: kill: (21941) - No such process
[root@VM-0-6-centos tmp]# top -H
top - 17:52:15 up 2 days, 2:51, 1 user, load average: 1.42, 1.47, 1.62
Threads: 167 total, 4 running, 153 sleeping, 10 stopped, 0 zombie
%Cpu(s): 53.6 us, 46.0 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 st
KiB Mem : 1882192 total, 182388 free, 1079800 used, 620004 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 645476 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
22453 nobody 20 0 142820 25532 416 S 26.7 1.4 0:03.70 networkservice
22457 nobody 20 0 142820 25532 416 S 21.7 1.4 0:03.37 networkservice
22455 nobody 20 0 142820 25532 416 R 13.7 1.4 0:03.62 networkservice
22454 nobody 20 0 142820 25532 416 R 3.3 1.4 0:00.54 networkservice
10545 mysql 20 0 1357216 392484 964 S 0.3 20.9 0:23.23 mysqld
22441 root 20 0 162064 2340 1596 R 0.3 0.1 0:00.07 top
1 root 20 0 43448 3468 2180 S 0.0 0.2 0:04.52 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.38 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 R 0.0 0.0 0:40.01 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.41 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.48 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:00.97 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
[10]+ Stopped top -H
[root@VM-0-6-centos tmp]# rm -rf apache
[root@VM-0-6-centos tmp]# rm -rf nobody
[root@VM-0-6-centos tmp]# rm -rf root
[root@VM-0-6-centos tmp]# rm -rf www
[root@VM-0-6-centos tmp]# top -H
top - 17:55:00 up 2 days, 2:54, 1 user, load average: 1.19, 1.95, 1.40
Threads: 168 total, 6 running, 151 sleeping, 11 stopped, 0 zombie
%Cpu(s): 54.0 us, 45.7 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 st
KiB Mem : 1882192 total, 176708 free, 1085112 used, 620372 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 640156 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
22457 nobody 20 0 147304 29688 416 R 23.3 1.6 0:29.61 networkservice
22455 nobody 20 0 147304 29688 416 R 20.9 1.6 0:24.63 networkservice
22453 nobody 20 0 147304 29688 416 S 9.6 1.6 0:34.28 networkservice
22460 nobody 20 0 147304 29688 416 S 7.3 1.6 0:23.46 networkservice
22454 nobody 20 0 147304 29688 416 R 3.3 1.6 0:05.75 networkservice
10545 mysql 20 0 1357216 392484 964 R 0.3 20.9 0:23.39 mysqld
1 root 20 0 43448 3468 2180 S 0.0 0.2 0:04.52 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.39 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 R 0.0 0.0 0:40.04 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.41 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.48 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:00.97 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
[11]+ Stopped top -H
[root@VM-0-6-centos tmp]# kill -9 22457
[root@VM-0-6-centos tmp]# top -H
top - 18:15:01 up 2 days, 3:14, 1 user, load average: 1.00, 1.31, 1.96
Threads: 172 total, 8 running, 152 sleeping, 12 stopped, 0 zombie
%Cpu(s): 82.7 us, 12.3 sy, 5.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 1882192 total, 160040 free, 1086196 used, 635956 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 637032 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
24330 nobody 30 10 152328 27344 416 R 6.0 1.5 0:17.35 networkservice
24327 nobody 30 10 152328 27344 416 S 5.0 1.5 0:02.01 networkservice
24331 nobody 30 10 152328 27344 416 S 3.7 1.5 0:15.05 networkservice
24295 nobody 30 10 152328 27344 416 S 1.0 1.5 0:21.60 networkservice
24324 nobody 30 10 152328 27344 416 R 1.0 1.5 0:04.04 networkservice
572 root 20 0 26384 1608 1308 S 0.3 0.1 0:00.34 systemd-logind
1462 root 20 0 574204 12624 1296 S 0.3 0.7 0:13.47 tuned
10550 mysql 20 0 1357216 392504 984 S 0.3 20.9 0:02.38 mysqld
22497 root 20 0 162064 2352 1608 R 0.3 0.1 0:02.25 top
1 root 20 0 43448 3468 2180 S 0.0 0.2 0:04.54 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.46 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 R 0.0 0.0 0:40.31 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.41 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.49 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
[12]+ Stopped top -H
[root@VM-0-6-centos tmp]# find / -name networkservice
/etc/networkservice
[root@VM-0-6-centos tmp]# cd /etc
[root@VM-0-6-centos etc]# lsattr networdservice
lsattr: No such file or directory while trying to stat networdservice
[root@VM-0-6-centos etc]# ^C
[root@VM-0-6-centos etc]# lsattr networkservice
----i--------e-- networkservice
[root@VM-0-6-centos etc]# chattr -e networkservice
chattr: Operation not supported while setting flags on networkservice
[root@VM-0-6-centos etc]# chattr -i networkservice
[root@VM-0-6-centos etc]# chattr -e networkservice
chattr: Operation not supported while setting flags on networkservice
[root@VM-0-6-centos etc]# rm -rf networkservice
[root@VM-0-6-centos etc]# top -H
top - 18:18:46 up 2 days, 3:18, 1 user, load average: 1.85, 1.47, 1.10
Threads: 171 total, 4 running, 154 sleeping, 13 stopped, 0 zombie
%Cpu(s): 81.2 us, 12.5 sy, 6.2 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 1882192 total, 131436 free, 1084944 used, 665812 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 623524 avail Mem
Unknown command - try 'h' for help
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
24327 nobody 30 10 152328 27344 416 S 6.2 1.5 0:13.83 networkservice
24331 nobody 30 10 152328 27344 416 R 6.2 1.5 0:22.59 networkservice
24573 root 20 0 162064 2200 1544 R 6.2 0.1 0:00.01 top
1 root 20 0 43448 3468 2180 S 0.0 0.2 0:04.54 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:07.47 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 R 0.0 0.0 0:40.38 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.03 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:27.41 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.49 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:00.98 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
241 root 0 -20 0 0 0 S 0.0 0.0 0:03.84 kworker/0:1H
246 root 0 -20 0 0 0 S 0.0 0.0 0:00.03 ata_sff
250 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_0
[13]+ Stopped top -H
[root@VM-0-6-centos etc]# KILL -9 24327
-bash: KILL: command not found
[root@VM-0-6-centos etc]# kill -9 24327
[root@VM-0-6-centos etc]# kill -9 24331
-bash: kill: (24331) - No such process
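晚上23:00时许,再次发现挖矿病毒。不找到后门(入侵入口和自启动项),这东西就清除不掉:下午只是删除文件、kill 进程,networkservice 很快又以新的 PID 被重新拉起,/tmp 下的 kdevtmpfsi 和 redis2 也在 22:00 被重新生成。下面的 /etc 目录列表中,crontab、zzh、backup.db、sysctl.conf 都是当晚被修改的,update.sh、newsvc.sh、config.json、sysguard 等文件权限为 rwxrwxrwx,这些都应当作为持久化线索逐一检查;另外本机 redis-server 以 root 身份运行,是否对外开放、是否设置了密码值得优先确认。下面记录晚上23:10的操作日志,继续清除挖矿病毒。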
Xshell 6 (Build 0204)
Copyright (c) 2002 NetSarang Computer, Inc. All rights reserved.
Type `help' to learn how to use Xshell prompt.
[F:\~]$
[root@VM-0-6-centos ~]# cd /tmp
[root@VM-0-6-centos tmp]# ll
total 8
-rwxr-xr-x 1 nobody nobody 2 Dec 16 22:00 kdevtmpfsi
-rw-r--r-- 1 nobody nobody 2 Dec 16 22:00 redis2
[root@VM-0-6-centos tmp]# lsattr kdevtmpfsi
----i--------e-- kdevtmpfsi
[root@VM-0-6-centos tmp]# chattr -i kdevtmpfsi
[root@VM-0-6-centos tmp]# chattr -e kdevtmpfsi
[root@VM-0-6-centos tmp]# rm -rf kdevtmpfsi
[root@VM-0-6-centos tmp]# chattr -e redis2
[root@VM-0-6-centos tmp]# chattr -i redis2
[root@VM-0-6-centos tmp]# rm -rf redis2
[root@VM-0-6-centos tmp]# top -H
top - 23:12:12 up 2 days, 8:11, 1 user, load average: 1.72, 1.82, 1.78
Threads: 172 total, 6 running, 164 sleeping, 0 stopped, 2 zombie
%Cpu(s):100.0 us, 0.0 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 1882192 total, 100428 free, 1333404 used, 448360 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 398608 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
9709 root 20 0 811488 5316 944 R 19.9 0.3 13:57.05 svcupdate
9723 nobody 20 0 807276 273160 944 R 19.9 14.5 13:38.50 sysupdate
9710 root 20 0 811488 5316 944 R 19.5 0.3 13:57.05 svcupdate
9722 nobody 20 0 807276 273160 944 R 19.5 14.5 13:38.48 sysupdate
9 root 20 0 0 0 0 S 0.3 0.0 0:43.49 rcu_sched
1 root 20 0 43448 3328 2040 S 0.0 0.2 0:05.27 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.01 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:09.00 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.04 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:28.65 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.66 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:01.07 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
241 root 0 -20 0 0 0 S 0.0 0.0 0:04.03 kworker/0:1H
246 root 0 -20 0 0 0 S 0.0 0.0 0:00.03 ata_sff
[1]+ Stopped top -H
[root@VM-0-6-centos tmp]# ps -ef|grep sysupdate
nobody 8022 1 38 22:01 ? 00:27:22 /etc/sysupdate
root 16426 16297 0 23:12 pts/0 00:00:00 grep --color=auto sysupdate
[root@VM-0-6-centos tmp]# cd /etc
[root@VM-0-6-centos etc]# ll
total 5216
drwxr-xr-x. 3 root root 4096 Nov 5 2019 abrt
drwxr-xr-x. 4 root root 4096 Mar 7 2019 acpi
-rw-r--r--. 1 root root 16 Mar 7 2019 adjtime
-rw-r--r--. 1 root root 1518 Jun 7 2013 aliases
-rw-r--r-- 1 root root 12288 Mar 7 2019 aliases.db
drwxr-xr-x. 2 root root 4096 Sep 28 13:19 alternatives
-rw------- 1 root root 541 Aug 9 2019 anacrontab
-rw-r--r-- 1 root root 55 Aug 8 2019 asound.conf
-rw-r--r--. 1 root root 1 Oct 31 2018 at.deny
drwxr-x---. 3 root root 4096 Nov 5 2019 audisp
drwxr-x---. 3 root root 4096 Nov 5 2019 audit
-rw-r--r-- 1 root root 92 Dec 16 22:43 backup.db
drwxr-xr-x. 2 root root 4096 Aug 7 15:57 bash_completion.d
-rw-r--r-- 1 root root 3097 Sep 28 12:48 bashrc
drwxr-xr-x. 2 root root 4096 Jun 30 23:11 binfmt.d
-rw-r--r--. 1 root root 38 Nov 23 2018 centos-release
-rw-r--r--. 1 root root 51 Nov 23 2018 centos-release-upstream
drwxr-xr-x. 2 root root 4096 Aug 4 2017 chkconfig.d
-rw-r--r-- 1 root root 1108 Aug 8 2019 chrony.conf
-rw-r----- 1 root chrony 481 Aug 8 2019 chrony.keys
drwxr-xr-x. 2 root root 4096 Apr 20 2020 cifs-utils
drwxr-xr-x 4 root root 4096 Sep 28 12:47 cloud
-rwxrwxrwx 1 root root 2898 Nov 26 10:19 config.json
drwxr-xr-x. 2 root root 4096 Nov 21 19:25 cron.d
drwxr-xr-x. 2 root root 4096 Mar 7 2019 cron.daily
-rw------- 1 root root 0 Aug 9 2019 cron.deny
drwxr-xr-x. 2 root root 4096 Nov 21 19:25 cron.hourly
drwxr-xr-x. 2 root root 4096 Jun 10 2014 cron.monthly
-rw-r--r-- 1 root root 459 Dec 16 20:59 crontab
drwxr-xr-x. 2 root root 4096 Jun 10 2014 cron.weekly
-rw-------. 1 root root 0 Mar 7 2019 crypttab
-rw-r--r--. 1 root root 1620 Oct 31 2018 csh.cshrc
-rw-r--r--. 1 root root 866 Oct 31 2018 csh.login
drwxr-xr-x. 4 root root 4096 Aug 7 16:00 dbus-1
drwxr-xr-x. 2 root root 4096 Apr 22 2020 default
drwxr-xr-x. 2 root root 4096 Aug 5 16:17 depmod.d
drwxr-x---. 4 root root 4096 Aug 9 2019 dhcp
-rw-r--r-- 1 root root 5090 Aug 6 2019 DIR_COLORS
-rw-r--r-- 1 root root 5725 Aug 6 2019 DIR_COLORS.256color
-rw-r--r-- 1 root root 4669 Aug 6 2019 DIR_COLORS.lightbgcolor
-rw-r--r-- 1 root root 1363 Nov 6 2019 dracut.conf
drwxr-xr-x. 2 root root 4096 Aug 5 16:17 dracut.conf.d
-rw-r--r-- 1 root root 112 Sep 30 21:21 e2fsck.conf
drwxr-xr-x 3 root root 4096 Sep 28 13:18 egl
-rw-r--r--. 1 root root 0 Oct 31 2018 environment
-rw-r--r--. 1 root root 1317 Apr 11 2018 ethertypes
-rw-r--r--. 1 root root 0 Jun 7 2013 exports
lrwxrwxrwx. 1 root root 56 Mar 7 2019 favicon.png -> /usr/share/icons/hicolor/16x16/apps/fedora-logo-icon.png
-rw-r--r--. 1 root root 70 Oct 31 2018 filesystems
drwxr-x---. 7 root root 4096 Apr 20 2020 firewalld
drwxr-xr-x 3 root root 4096 Sep 28 13:18 fonts
-rw-r--r-- 1 root root 313 Sep 28 12:47 fstab
drwxr-xr-x 7 root root 4096 Sep 28 13:18 gconf
drwxr-xr-x. 2 root root 4096 Aug 2 2017 gcrypt
-rw-r--r-- 1 root root 265 Aug 6 2019 gdbinit
drwxr-xr-x. 2 root root 4096 Aug 6 2019 gdbinit.d
-rw-r--r-- 1 root root 1704 Aug 13 2019 GeoIP.conf
drwxr-xr-x 3 root root 4096 Sep 28 13:18 glvnd
drwxr-xr-x. 2 root root 4096 Jul 13 2018 gnupg
-rw-r--r--. 1 root root 94 Mar 25 2017 GREP_COLORS
drwxr-xr-x. 4 root root 4096 Mar 7 2019 groff
-rw-r--r-- 1 root root 602 Sep 28 16:51 group
-rw-r--r--. 1 root root 590 Nov 5 2019 group-
lrwxrwxrwx 1 root root 22 Aug 7 15:56 grub2.cfg -> ../boot/grub2/grub.cfg
drwx------. 2 root root 4096 Aug 7 15:56 grub.d
---------- 1 root root 481 Sep 28 16:51 gshadow
----------. 1 root root 471 Nov 5 2019 gshadow-
drwxr-xr-x. 3 root root 4096 Apr 1 2020 gss
-rw-r--r--. 1 root root 9 Jun 7 2013 host.conf
-rw-r--r-- 1 root root 14 Sep 28 12:47 hostname
-rw-r--r-- 1 root root 4684 Nov 8 22:17 hosts
-rw-r--r--. 1 root root 370 Jun 7 2013 hosts.allow
-rw-r----- 1 root root 46 Nov 8 22:17 hostsd
-rw-r--r--. 1 root root 460 Jun 7 2013 hosts.deny
-rw-r--r-- 1 root root 7 Aug 5 15:28 img_version
drwxr-xr-x 2 root root 4096 Aug 5 16:11 infiniband
drwxr-xr-x 2 root root 4096 Aug 5 16:08 infiniband-diags
lrwxrwxrwx. 1 root root 11 Mar 7 2019 init.d -> rc.d/init.d
-rw-r--r-- 1 root root 511 Aug 9 2019 inittab
-rw-r--r--. 1 root root 942 Jun 7 2013 inputrc
drwxr-xr-x. 2 root root 4096 Apr 20 2020 iproute2
drwxr-xr-x 2 root root 4096 Nov 6 2019 iscsi
-rw-r--r--. 1 root root 23 Nov 23 2018 issue
-rw-r--r--. 1 root root 22 Nov 23 2018 issue.net
drwxr-xr-x 3 root root 4096 Sep 28 13:18 java
drwxr-xr-x 2 root root 4096 Nov 21 2015 jvm
drwxr-xr-x 2 root root 4096 Nov 21 2015 jvm-commmon
-rw-r--r-- 1 root root 7274 Nov 5 2019 kdump.conf
drwxr-xr-x. 3 root root 4096 Mar 7 2019 kernel
-rw-r--r-- 1 root root 646 Mar 31 2020 krb5.conf
drwxr-xr-x. 2 root root 4096 Apr 1 2020 krb5.conf.d
-rw-r--r-- 1 root root 36012 Dec 16 17:47 ld.so.cache
-rw-r--r-- 1 root root 28 Feb 28 2013 ld.so.conf
drwxr-xr-x. 2 root root 4096 Nov 21 19:25 ld.so.conf.d
-rw-r----- 1 root root 191 Mar 2 2019 libaudit.conf
drwxr-xr-x 2 root root 4096 Aug 5 16:11 libibverbs.d
drwxr-xr-x. 2 root root 4096 Mar 7 2019 libnl
drwxr-xr-x. 6 root root 4096 Nov 5 2019 libreport
-rw-r--r--. 1 root root 2388 Mar 7 2019 libuser.conf
-rw-r--r-- 1 root root 16 Sep 28 12:48 locale.conf
lrwxrwxrwx. 1 root root 35 Mar 7 2019 localtime -> ../usr/share/zoneinfo/Asia/Shanghai
-rw-r--r-- 1 root root 2046 Aug 5 15:28 login.defs
-rw-r--r-- 1 root root 2027 Aug 6 2019 login.defs.rpmnew
-rw-r--r--. 1 root root 662 Jul 31 2013 logrotate.conf
drwxr-xr-x. 4 root root 4096 Sep 28 16:51 logrotate.d
drwxr-xr-x. 3 root root 4096 Nov 5 2019 lsm
drwxr-xr-x. 6 root root 4096 Nov 5 2019 lvm
-r--r--r--. 1 root root 33 Sep 28 12:47 machine-id
-rw-r--r-- 1 root root 30 Sep 28 12:47 machine-info
-rw-r--r-- 1 root root 111 Apr 1 2020 magic
-rw-r--r--. 1 root root 1968 Apr 11 2018 mail.rc
-rw-r--r-- 1 root root 5122 Aug 8 2019 makedumpfile.conf.sample
-rw-r--r--. 1 root root 5171 Oct 31 2018 man_db.conf
drwxr-xr-x 2 root root 4096 Nov 21 2015 maven
-rw-r--r-- 1 root root 1106 Sep 30 23:58 mke2fs.conf
drwxr-xr-x. 2 root root 4096 Sep 28 12:47 modprobe.d
drwxr-xr-x. 2 root root 4096 Jun 30 23:11 modules-load.d
-rw-r--r--. 1 root root 0 Jun 7 2013 motd
lrwxrwxrwx. 1 root root 17 Mar 7 2019 mtab -> /proc/self/mounts
-rw-r--r-- 1 root root 1243 Jun 17 2020 my.cnf
drwxr-xr-x 2 root root 4096 Jun 17 2020 my.cnf.d
-rw-r--r--. 1 root root 8892 Jun 10 2014 nanorc
-rw-r--r-- 1 root root 767 Aug 9 2019 netconfig
drwxr-xr-x. 7 root root 4096 Apr 20 2020 NetworkManager
-rw-r--r-- 1 root root 58 Aug 9 2019 networks
-rwxrwxrwx 1 root root 33809 Nov 26 10:19 newsvc.sh
-rw-r--r--. 1 root root 1746 Mar 7 2019 nsswitch.conf
-rw-r--r--. 1 root root 1735 Oct 30 2018 nsswitch.conf.bak
-rw-r--r-- 1 root root 1938 Aug 7 2019 nsswitch.conf.rpmnew
drwxr-xr-x. 3 root root 4096 Aug 7 16:01 ntp
-rw-r--r-- 1 root root 2241 Sep 28 12:47 ntp.conf
drwxr-xr-x. 3 root root 4096 Jan 30 2019 openldap
drwxr-xr-x. 2 root root 4096 Apr 11 2018 opt
-rw-r--r--. 1 root root 393 Nov 23 2018 os-release
drwxr-xr-x. 2 root root 4096 Aug 5 15:32 pam.d
-rw-r--r-- 1 root root 1194 Sep 28 16:51 passwd
-rw-r--r--. 1 root root 1141 Nov 5 2019 passwd-
drwxr-xr-x. 3 root root 4096 Mar 7 2019 pkcs11
drwxr-xr-x. 10 root root 4096 Mar 7 2019 pki
drwxr-xr-x. 2 root root 4096 Nov 5 2019 plymouth
drwxr-xr-x. 5 root root 4096 Mar 7 2019 pm
drwxr-xr-x. 5 root root 4096 Sep 14 2019 polkit-1
drwxr-xr-x. 2 root root 4096 Jun 10 2014 popt.d
drwxr-xr-x. 2 root root 4096 Mar 7 2019 postfix
drwxr-xr-x. 3 root root 4096 Nov 5 2019 ppp
drwxr-xr-x. 2 root root 4096 Aug 7 15:56 prelink.conf.d
-rw-r--r--. 1 root root 233 Jun 7 2013 printcap
-rw-r--r-- 1 root root 1805 Aug 5 15:28 profile
drwxr-xr-x. 2 root root 4096 Nov 5 2019 profile.d
-rw-r--r--. 1 root root 6545 Oct 31 2018 protocols
drwxr-xr-x. 2 root root 4096 Aug 5 15:32 python
-rw-r--r-- 1 root root 6 Sep 28 12:47 qcloudzone
drwxr-xr-x. 3 root root 4096 Nov 5 2019 qemu-ga
lrwxrwxrwx 1 root root 10 Nov 5 2019 rc0.d -> rc.d/rc0.d
lrwxrwxrwx 1 root root 10 Nov 5 2019 rc1.d -> rc.d/rc1.d
lrwxrwxrwx 1 root root 10 Nov 5 2019 rc2.d -> rc.d/rc2.d
lrwxrwxrwx 1 root root 10 Nov 5 2019 rc3.d -> rc.d/rc3.d
lrwxrwxrwx 1 root root 10 Nov 5 2019 rc4.d -> rc.d/rc4.d
lrwxrwxrwx 1 root root 10 Nov 5 2019 rc5.d -> rc.d/rc5.d
lrwxrwxrwx 1 root root 10 Nov 5 2019 rc6.d -> rc.d/rc6.d
drwxr-xr-x. 10 root root 4096 Oct 19 18:16 rc.d
lrwxrwxrwx 1 root root 18 Aug 6 16:03 rc.local -> /etc/rc.d/rc.local
drwxr-xr-x 2 root root 4096 Aug 5 16:11 rdma
lrwxrwxrwx. 1 root root 14 Mar 7 2019 redhat-release -> centos-release
drwxr-xr-x 2 root root 4096 Nov 10 14:10 redis
-rw-r--r-- 1 root root 89 Dec 14 15:00 resolv.conf
-rw-r--r-- 1 root root 1634 Dec 25 2012 rpc
drwxr-xr-x. 2 root root 4096 Sep 28 13:18 rpm
-rw-r--r-- 1 root root 458 Apr 26 2019 rsyncd.conf
-rw-r--r-- 1 root root 3232 Nov 28 2019 rsyslog.conf
drwxr-xr-x. 2 root root 4096 Jun 23 23:40 rsyslog.d
-rw-r--r-- 1 root root 966 Aug 9 2019 rwtab
drwxr-xr-x. 2 root root 4096 Aug 9 2019 rwtab.d
drwxr-xr-x. 2 root root 4096 Mar 7 2019 sasl2
drwxr-xr-x. 3 root root 4096 Mar 7 2019 scl
-rw-------. 1 root root 255 Aug 5 15:28 securetty
drwxr-xr-x. 6 root root 4096 Mar 7 2019 security
drwxr-xr-x. 5 root root 4096 Aug 5 15:28 selinux
-rw-r--r--. 1 root root 670293 Jun 7 2013 services
-rw-r--r-- 1 root root 216 Aug 9 2019 sestatus.conf
drwxr-xr-x. 2 root root 4096 Mar 7 2019 setuptool.d
---------- 1 root root 679 Sep 28 16:51 shadow
----------. 1 root root 658 Sep 28 12:47 shadow-
-rw-r--r--. 1 root root 63 Mar 7 2019 shells
drwxr-xr-x. 2 root root 4096 Aug 7 15:54 skel
-rw-r--r-- 1 root root 138 Mar 18 2020 sos.conf
drwxr-xr-x. 2 root root 4096 Nov 21 19:25 ssh
drwxr-xr-x. 2 root root 4096 Apr 20 2020 ssl
-rw-r--r-- 1 root root 212 Aug 9 2019 statetab
drwxr-xr-x. 2 root root 4096 Aug 9 2019 statetab.d
-rw-r--r--. 1 root root 0 Oct 31 2018 subgid
-rw-r--r--. 1 root root 0 Oct 31 2018 subuid
-rw-r----- 1 root root 1786 Nov 28 2019 sudo.conf
-r--r----- 1 root root 4328 Nov 28 2019 sudoers
drwxr-x---. 2 root root 4096 Sep 28 12:47 sudoers.d
-rw-r----- 1 root root 3181 Nov 28 2019 sudo-ldap.conf
-rwxrwxrwx 1 root root 0 Nov 11 17:45 svcguard
-rwxrwxrwx 1 root root 1102480 Sep 1 12:48 svcupdate
-rwxrwxrwx 1 root root 0 Nov 11 17:45 svcworkmanager
drwxr-xr-x. 6 root root 4096 Sep 28 12:48 sysconfig
-rw-r--r-- 1 root root 2059 Dec 16 22:00 sysctl.conf
drwxr-xr-x. 2 root root 4096 Jun 30 23:11 sysctl.d
-rwxrwxrwx 1 root root 1472144 Dec 8 23:03 sysguard
drwxr-xr-x. 4 root root 4096 Aug 5 15:32 systemd
lrwxrwxrwx. 1 root root 14 Mar 7 2019 system-release -> centos-release
-rw-r--r--. 1 root root 23 Nov 23 2018 system-release-cpe
-rwxrwxrwx 1 root root 1102480 Oct 20 08:35 sysupdate
-rw-r--r-- 1 root root 9 Oct 20 09:00 sysupdates
drwxr-xr-x. 2 root root 4096 Sep 7 2017 terminfo
drwxr-xr-x. 2 root root 4096 Jun 30 23:11 tmpfiles.d
-rw-r--r-- 1 root root 750 Jun 1 2020 trusted-key.key
drwxr-xr-x. 3 root root 4096 Nov 5 2019 tuned
drwxr-xr-x. 3 root root 4096 Aug 5 15:32 udev
-rw-r--r--. 1 root root 557 Apr 11 2018 updatedb.conf
-rwxrwxrwx 1 root root 37659 Oct 20 09:00 update.sh
-rw-r--r--. 1 root root 1523 Apr 11 2018 usb_modeswitch.conf
-rw-rw-rw- 1 root root 43 Sep 28 12:47 uuid
-rw-r--r--. 1 root root 37 Mar 7 2019 vconsole.conf
-rw-r--r-- 1 root root 1982 Aug 9 2019 vimrc
-rw-r--r-- 1 root root 1982 Aug 9 2019 virc
-rw-r--r-- 1 root root 4479 May 16 2019 wgetrc
drwxr-xr-x. 2 root root 4096 Mar 7 2019 wpa_supplicant
drwxr-xr-x. 5 root root 4096 Mar 7 2019 X11
drwxr-xr-x. 4 root root 4096 Mar 7 2019 xdg
drwxr-xr-x. 2 root root 4096 Apr 11 2018 xinetd.d
drwxr-xr-x. 6 root root 4096 Nov 5 2019 yum
-rw-r--r-- 1 root root 992 Aug 5 16:11 yum.conf
drwxr-xr-x. 2 root root 4096 Sep 28 16:42 yum.repos.d
-rw-r--r-- 1 root root 459 Dec 16 22:42 zzh
[root@VM-0-6-centos etc]# lsattr sycupdate
lsattr: No such file or directory while trying to stat sycupdate
[root@VM-0-6-centos etc]# lsattr svcupdate
----i--------e-- svcupdate
[root@VM-0-6-centos etc]# chattr -i svcupdate
[root@VM-0-6-centos etc]# chattr -e svcupdate
chattr: Operation not supported while setting flags on svcupdate
[root@VM-0-6-centos etc]# lsattr svcupdate
-------------e-- svcupdate
[root@VM-0-6-centos etc]# rm -rf svcupdate
[root@VM-0-6-centos etc]# lsattr sysupdate
----i--------e-- sysupdate
[root@VM-0-6-centos etc]# chattr -e sysupdate
chattr: Operation not supported while setting flags on sysupdate
[root@VM-0-6-centos etc]# chattr -i sysupdate
[root@VM-0-6-centos etc]# chattr -e sysupdate
chattr: Operation not supported while setting flags on sysupdate
[root@VM-0-6-centos etc]# rm -rf sysupdate
[root@VM-0-6-centos etc]# chattr -i svcworkmanager
[root@VM-0-6-centos etc]# chattr -e svcworkmanager
[root@VM-0-6-centos etc]# rm -rf svcworkmanager
[root@VM-0-6-centos etc]# top -H
top - 23:17:38 up 2 days, 8:17, 1 user, load average: 1.32, 1.58, 1.69
Threads: 170 total, 16 running, 151 sleeping, 1 stopped, 2 zombie
%Cpu(s): 94.4 us, 5.6 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 1882192 total, 98956 free, 1332036 used, 451200 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 399880 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
9710 root 20 0 811492 5328 944 R 23.5 0.3 15:01.82 svcupdate
9709 root 20 0 811492 5328 944 R 17.6 0.3 15:01.82 svcupdate
9722 nobody 20 0 807280 273168 944 R 17.6 14.5 14:43.26 sysupdate
9723 nobody 20 0 807280 273168 944 R 17.6 14.5 14:43.25 sysupdate
16552 root 20 0 162064 2216 1544 R 5.9 0.1 0:00.01 top
1 root 20 0 43448 3328 2040 S 0.0 0.2 0:05.27 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.01 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:09.00 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 R 0.0 0.0 0:43.52 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.04 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:28.65 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.66 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:01.07 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
241 root 0 -20 0 0 0 S 0.0 0.0 0:04.03 kworker/0:1H
[2]+ Stopped top -H
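[root@VM-0-6-centos etc]# kill -9 9710
[root@VM-0-6-centos etc]# kill -9 9709
-bash: kill: (9709) - No such process
# 注:top -H 按线程显示,9709 和 9710 的 VIRT/RES/TIME+ 完全相同,很可能是同一个 svcupdate 进程的两个线程;第一条 kill -9 已经结束了整个进程,所以第二条提示 No such process 属正常现象(下文 9722/9723 同理)。可用 ps -eLf 对照 PID 与 LWP 两列确认。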
[root@VM-0-6-centos etc]# top -H
top - 23:18:04 up 2 days, 8:17, 1 user, load average: 1.90, 1.46, 1.65
Threads: 161 total, 4 running, 155 sleeping, 2 stopped, 0 zombie
%Cpu(s): 99.3 us, 0.7 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 1882192 total, 104040 free, 1326924 used, 451228 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 405036 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
9722 nobody 20 0 807280 273168 944 R 38.5 14.5 14:50.08 sysupdate
9723 nobody 20 0 807280 273168 944 R 29.9 14.5 14:49.82 sysupdate
1330 root 20 0 142504 2956 1144 S 0.3 0.2 2:14.71 redis-server
10545 mysql 20 0 1357216 391724 0 S 0.3 20.8 0:45.94 mysqld
10549 mysql 20 0 1357216 391724 0 S 0.3 20.8 0:03.33 mysqld
1 root 20 0 43448 3328 2040 S 0.0 0.2 0:05.27 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.01 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:09.00 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 S 0.0 0.0 0:43.52 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.04 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:28.65 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.66 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:01.07 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
241 root 0 -20 0 0 0 S 0.0 0.0 0:04.03 kworker/0:1H
[3]+ Stopped top -H
[root@VM-0-6-centos etc]# kill -9 9722
[root@VM-0-6-centos etc]# kill -9 9723
-bash: kill: (9723) - No such process
[root@VM-0-6-centos etc]# top -H
top - 23:18:44 up 2 days, 8:18, 1 user, load average: 1.73, 1.12, 1.52
Threads: 153 total, 1 running, 149 sleeping, 3 stopped, 0 zombie
%Cpu(s): 99.7 us, 0.3 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 1882192 total, 376920 free, 1053884 used, 451388 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 678092 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
16581 root 20 0 162064 2344 1608 R 0.3 0.1 0:00.04 top
1 root 20 0 43448 3328 2040 S 0.0 0.2 0:05.27 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.01 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:09.00 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 S 0.0 0.0 0:43.53 rcu_sched
10 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lru-add-drain
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
14 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 netns
15 root 20 0 0 0 0 S 0.0 0.0 0:00.04 khungtaskd
16 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 writeback
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kintegrityd
18 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
19 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
20 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bioset
21 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kblockd
22 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 md
23 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 edac-poller
24 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 watchdogd
30 root 20 0 0 0 0 S 0.0 0.0 0:28.65 kswapd0
31 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
32 root 39 19 0 0 0 S 0.0 0.0 0:00.66 khugepaged
33 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 crypto
41 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kthrotld
43 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kmpath_rdacd
44 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kaluad
45 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
46 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 ipv6_addrconf
59 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 deferwq
101 root 20 0 0 0 0 S 0.0 0.0 0:01.07 kauditd
194 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
241 root 0 -20 0 0 0 S 0.0 0.0 0:04.03 kworker/0:1H
246 root 0 -20 0 0 0 S 0.0 0.0 0:00.03 ata_sff
250 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_0
251 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 scsi_tmf_0
253 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_1
[4]+ Stopped top -H
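[root@VM-0-6-centos etc]# redis
-bash: redis: command not found
[root@VM-0-6-centos etc]#
# 注:redis 不是可执行命令,客户端是 redis-cli。上面的 top 输出显示 redis-server(PID 1330)以 root 身份运行;本段日志未显示入侵途径,但对外暴露且未设密码的 Redis 是这类挖矿程序常见的入口之一,建议核对 redis.conf 中的 bind 与 requirepass,并改用非 root 账号运行。
# 注:仅 kill 进程并 rm 文件不能保证清除干净,若本段之前尚未检查,还需排查 crontab、/etc/cron.*、systemd 服务以及 ~/.ssh/authorized_keys 等持久化位置,否则进程可能被重新拉起。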