NOVA - For the NeXT Workstation

home *** CD-ROM | disk | FTP | other *** search

/ NOVA - For the NeXT Workstation / NOVA - For the NeXT Workstation.iso / Documents / NeXTAnswers / sysadmin.592 < prev next >

Wrap

Text File | 1992-02-06 | 5KB | 142 lines

{\rtf0\ansi{\fonttbl\f0\fnil Times-Roman;\f1\fmodern Courier;} \paperw11760 \paperh6540 \margl120 \margr120 {\colortbl\red0\green0\blue0;} \pard\tx960\tx1920\tx2880\tx3840\tx4800\tx5760\tx6720\tx7680\tx8640\tx9600\f0\b0\i0\ul0\fs28 performance network security thrashing \ \ Q: Help! My machine has slowed to molasses. Even doing an \b ls \b0 in a terminal window takes forever. A \b ps \b0 shows the process numbers in the PID table are in the thousands — even soon after reboot. There are 3 defunct processes owned by root with priority of -1 which can't be killed. When trying to launch Mathematica on my 12MB machine to run a simple plot I get an “insufficient memory” error. What can I do?\ \i \ \i0 A: The key symptom of this problem is the defunct or “zombie” processes shown in the PID table. A zombie process occurs when a child process dies after its parent has died, and no \b wait \b0 () has been done for the child. Once the child process dies, it is inherited by \b init \b0 and owned by \b root \b0 . These processes are \i not \i0 consuming any system resources, except for one process table slot. They are not using memory or CPU time because they are done executing and therefore cannot be killed. When a UNIX system exhibits this type of problem (spawning lots of zombies) then some system process (often a getty) is trying to start, is failing, and is re-trying endlessly.\ \ Good places to look for causes of such problems are the following system files (all in \b /etc \b0 )\ \ \pard\tx1140\tx2300\tx3440\tx4600\tx5760\tx6900\tx8060\tx9200\tx10360\tx11520\fi20\li500\fc0 rc\ rc.boot\ rc.local\ rc.swap\ crontab\ ttys\ gettytab\ \pard\tx960\tx1920\tx2880\tx3840\tx4800\tx5760\tx6720\tx7680\tx8640\tx9600 \ Perform a checksum (using \b sum \b0 ) on the suspect file on your system and compare to the checksum of the same file on your Software Release master. A difference in the two numbers does not necessarily indicate an error — you might have intentionally changed something — but it does mean the the file should be more closely scutinized, especially if you don't think you've changed the file.\ \ For example, the first several lines of the /etc/ttys file on a stock, unmodified 1.0, 1.0a, 2.0, or 2.1 disk will look like this:\ \ \pard\tx1140\tx2300\tx3440\tx4600\tx5760\tx6900\tx8060\tx9200\tx10360\tx11520\f1\fs24\li340\fc0 #\ # name getty type status comments\ #\ # If you do not want to start the window server by default, you can\ # uncomment the first entry and comment out the second.\ #\ # console "/usr/etc/getty std.9600" NeXT on secure\ console /usr/lib/NextStep/loginwindow NeXT on secure window=/usr/lib/NextStep/WindowServer onoption="/usr/etc/getty std.9600"\ ttya "/usr/etc/getty std.9600" unknown off secure\ ttyb "/usr/etc/getty std.9600" unknown off secure\ ttyda "/usr/etc/getty D9600" unknown off\ ttydb "/usr/etc/getty D9600" unknown off\ ttyp0 none network\ ttyp1 none network\ \pard\tx960\tx1920\tx2880\tx3840\tx4800\tx5760\tx6720\tx7680\tx8640\tx9600\f0\fs28 \ The man page on \b ttys \b0 explains that the flag \b on \b0 and \b off \b0 in the fourth column specify whether \b init \b0 should execute the command given in the second field. It's an error to specify \b on \b0 if the second field contains \b none \b0 . The \b secure \b0 further qualifies an \b on \b0 to allow root to login to this line. \i (See more about the “secure” flag below.) \i0 \ \ Specifying \b on \b0 so that someone may log in over the network tty line will cause the performance degradation described above. The network entries should \i never \i0 specify \b on \b0 . In other words, an \b /etc/ttys \b0 file which contains the following entries is an \i error \i0 :\ \ \pard\tx1140\tx2300\tx3440\tx4600\tx5760\tx6900\tx8060\tx9200\tx10360\tx11520\f1\fs24\fc0 ttyp0 none network on secure\ ttyp1 none network on secure\ ttyp2 none network on secure\ \pard\tx960\tx1920\tx2880\tx3840\tx4800\tx5760\tx6720\tx7680\tx8640\tx9600\f0\fs28 \ If this is the case, either change the \b on \b0 entry to \b off \b0 and reboot, or restore the file from a Sofware release disk and reboot. As an alternative to rebooting after modifying the \b ttys \b0 file, you may type in a Terminal as root:\ \ \f1\fs24 rhino-22# \b kill -HUP 1 \f0\b0\fs28 \ \ This will tell the \b init \b0 process to re-read the \b ttys \b0 file.\ \ \pard\tx1240\tx2480\tx3740\tx4980\tx6240\tx7480\tx8720\tx9980\tx11220\tx12480\b\fc0 Warning \b0 : specifying \b off \b0 and \b secure \b0 on ttyp0 (for example) is permissable but not advisable. This would allow users to \b rlogin \b0 or \b telnet \b0 as root to the machine on pseudo port 0 and can present a security risk. See Chapter 16, “Security,” in the 2.0 \i NeXT Network and System Administration \i0 manual for more information on security in general.\ \pard\tx960\tx1920\tx2880\tx3840\tx4800\tx5760\tx6720\tx7680\tx8640\tx9600 \ QA592\ \ Valid for 1.0 \ Valid for 2.0\ \