unable to login as oracle user
Josh Miller
joshua at itsecureadmin.com
Fri Feb 2 21:06:48 UTC 2007
When did this behavior begin? When is the last time you patched
anything on this box? What changed?
This behavior is indicative of a recent patch with the current processes
unaware of changes that may have occurred. If you have recently
patched and after patching this behavior began, this might be resolved
with a system reboot.
Thanks,
Josh Miller, RHCE
Troy Knabe wrote:
>
>
> m.roth2006 at rcn.com wrote:
>>> Date: Fri, 02 Feb 2007 11:00:55 -0800
>>> From: Troy Knabe <knabe at 4j.lane.edu>
>>> We have 3 Red Hat 4.4 AS Servers running RAC 10G. Today one of them
>>> had load averages of over 160. But processors were 99% idle.
>>
>> That's dreadful!
>>
>>> None of the RAC boxes were responding during this time. I was able
>>> to login fine (my local user), and sudo su -. But when I tried to
>>> sudo su - oracle, it just hung. Finally rebooting fixed the issue.
>>> As I have been looking through log files, this is the only thing
>>> "weird" I have found. We only use local authentication on the box.
>>>
>>> /var/log/secure:
>>>
>>> Feb 2 08:22:14 orarac1 login: PAM unable to
>>> dlopen(/lib/security/pam_limits.so)
>>
>> PAM *is* local - check to see if the file /lib/security/pam_limits.so
>> exists, and what the permissions and ownership are. PAM is the
>> authentication system that comes with all Linux these days.
>>
> Yes, I was just trying to give as much info as possible, so people
> didn't ask if I was ldap authenticating for instance.
>
> The file is there, with permissions 755 root:root. Last time it was
> altered was May 12th, 2006, same timestamp as most everything else.
>
> The thing that really confuses me, is why did the error appear when we
> tried to su - oracle, and not when attempting to go to root, or login as
> a "normal" user.
>
>
>> I'd worry that something happened to your box, either accidentally, or
>> through an attack.
>
> I haven't eliminated that as a possibility (especially the accidental
> thought)
>
> -Troy
>>
>> mark
>>
>
More information about the redhat-list
mailing list