[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[LDM #LXP-916564]: ldmping



Michael,

> Thanks again for your reply last evening and your assistance throughout this 
> issue.  I checked the ownership and permissions on both hupsyslog and 
> rpc.ldmd this morning and found that they're owned by root and have the "s" 
> bit set.  I should have included more detail in my previous message.  We did 
> run the "make install_setuids" step when we rebuilt ldm yesterday.  My 
> apologies for the confusion.

That might not be the problem, then.  You should verify that the LDM server is 
listening on the correct port, however, by using the netstat(1) utility and 
looking for the LDM port (e.g., "netstat -n -a -t | grep 388).  Please tell me 
what you discover.

> We're still seeing a "SVC_UNAVAIL" error when attempting "ldmping localhost". 
>  We do get some traffic so the port seems to be available if only on a 
> limited basis.  We do however see a large number of connections denied or 
> dropped.  I think the plan this morning is to return the linux kernel we were 
> using prior to updating our OS last Wednesday.  That work is in progress this 
> morning.  We'll see if that clears up the problem.

I can't think of any installation or configuration problem that would result in 
the intermittent behavior you describe.  A problem with the operating system is 
a possibility, as is a denial-of-service attack.

> Thanks again for your assistance.  I'll let you know what we find.  Oh, 
> incidentally, the /usr/local/ldm/bin directory is listed below showing 
> ownership and permissions.  This problem really has me scratching my head.
> 
> Michael
> 
> 
> drwxr-xr-x 2 ldm  ldm   4096 Apr 13 16:45 .
> drwxr-xr-x 7 ldm  ldm   4096 Apr 13 16:45 ..
> lrwxrwxrwx 1 ldm  ldm      5 Apr 13 16:45 afos -> pqing
> lrwxrwxrwx 1 ldm  ldm      5 Apr 13 16:45 ddplus -> pqing
> lrwxrwxrwx 1 ldm  ldm      5 Apr 13 16:45 dds -> pqing
> -rwxr-xr-x 1 ldm  ldm 117826 Apr 16 12:34 feedme
> lrwxrwxrwx 1 ldm  ldm      5 Apr 13 16:45 feedtest -> pqing
> lrwxrwxrwx 1 ldm  ldm      5 Apr 13 16:45 hds -> pqing
> lrwxrwxrwx 1 ldm  ldm      5 Apr 13 16:45 hrs -> pqing
> -rwsr-xr-x 1 root ldm   7731 Apr 16 12:34 hupsyslog
> lrwxrwxrwx 1 ldm  ldm      5 Apr 13 16:45 ids -> pqing
> -rwxr-xr-x 1 ldm  ldm  26604 Apr 16 12:34 ldmadmin
> -rwxr-xr-x 1 ldm  ldm  23611 Apr 16 12:34 ldmcheck
> -rwxr-xr-x 1 ldm  ldm   7418 Apr 16 12:34 ldmfail
> -rwxr-xr-x 1 ldm  ldm 115726 Apr 16 12:34 ldmping
> -rwxr-xr-x 1 ldm  ldm  86768 Apr 16 12:34 ldmsend
> -rwxr-xr-x 1 ldm  ldm   9002 Apr 16 12:34 netcheck
> -rwxr-xr-x 1 ldm  ldm    910 Apr 16 12:34 newlog
> -rwxr-xr-x 1 ldm  ldm 117584 Apr 16 12:34 notifyme
> lrwxrwxrwx 1 ldm  ldm      5 Apr 13 16:45 pps -> pqing
> -rwxr-xr-x 1 ldm  ldm 130938 Apr 16 12:34 pqact
> -rwxr-xr-x 1 ldm  ldm 102490 Apr 16 12:34 pqcat
> -rwxr-xr-x 1 ldm  ldm  94190 Apr 16 12:34 pqcheck
> -rwxr-xr-x 1 ldm  ldm  93395 Apr 16 12:34 pqcreate
> -rwxr-xr-x 1 ldm  ldm  97700 Apr 16 12:34 pqexpire
> -rwxr-xr-x 1 ldm  ldm 144859 Apr 16 12:34 pqing
> -rwxr-xr-x 1 ldm  ldm 107965 Apr 16 12:34 pqinsert
> -rwxr-xr-x 1 ldm  ldm  97659 Apr 16 12:34 pqmon
> -rwxr-xr-x 1 ldm  ldm 160021 Apr 16 12:34 pqsend
> -rwxr-xr-x 1 ldm  ldm 121598 Apr 16 12:34 pqsurf
> -rwxr-xr-x 1 ldm  ldm 123540 Apr 16 12:34 pqutil
> -rwxr-xr-x 1 ldm  ldm   8661 Apr 16 12:34 regex
> -rwsr-xr-x 1 root ldm 242551 Apr 16 12:34 rpc.ldmd
> -rwxr-xr-x 1 ldm  ldm 139510 Apr 16 12:34 rtstats
> -rwxr-xr-x 1 ldm  ldm   4208 Apr 16 12:34 scour
> -rwxr-xr-x 1 ldm  ldm   2158 Apr 16 12:34 scriptconfig
> -rwxr-xr-x 1 ldm  ldm   7389 Apr 16 12:34 syscheck

Those permissions look OK.  Verify using netstat(1), however, because the 
operating system can be configured to ignore the setuid permission when the 
file is owned by root.

Regards,
Steve Emmerson

Ticket Details
===================
Ticket ID: LXP-916564
Department: Support LDM
Priority: Normal
Status: Closed