【Linux】lsof: no pwd entry for UID xx
今天在使用lsof查找那些进程使用libwrap的时候发现结果如下>>> lsof | grep libwrap...lsof: no pwd entry for UID 33lsof: no pwd entry for UID 33lsof: no pwd entry for UID 33lsof: no pwd entry for UID 33lsof: no pwd ent
·
今天在使用lsof查找那些进程使用libwrap的时候发现结果如下
>>> lsof | grep libwrap
...
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
lsof: no pwd entry for UID 33
sshd 5915 root mem REG 253,1 42520 1054255 /usr/lib64/libwrap.so.0.7.6
sshd 9512 root mem REG 253,1 42520 1054255 /usr/lib64/libwrap.so.0.7.6
之所以出现大量‘lsof: no pwd entry for UID 33’的情况,原因有二:
- 进程在用户被删除之前启动,并且从那以后一直在运行;
- 进程在容器内被启动
查看后发现UID 33的进程仅有nginx的worker进程,而这台服务器的nginx只在容器内启动,所以应该是第二个原因导致的。
>>> ps -ef | grep 33
...
33 4334 4333 0 Feb07 ? 00:00:00 nginx: worker process
33 4335 4333 0 Feb07 ? 00:00:00 nginx: worker process
...
但为什么会出现这么多条‘lsof: no pwd entry for UID 33’,原因还未可知。
使用’-w’参数可以过滤掉这些信息
>>> lsof -w | grep libwrap
auditd 464 root mem REG 253,1 42520 1054255 /usr/lib64/libwrap.so.0.7.6
auditd 464 465 root mem REG 253,1 42520 1054255 /usr/lib64/libwrap.so.0.7.6
sshd 5915 root mem REG 253,1 42520 1054255 /usr/lib64/libwrap.so.0.7.6
sshd 9512 root mem REG 253,1 42520 1054255 /usr/lib64/libwrap.so.0.7.6
参考:
https://www.cnblogs.com/diyunpeng/archive/2012/06/30/2571307.html
https://unix.stackexchange.com/questions/193911/lsof-no-pwd-entry-for-uid#:~:text=Can%20also%20be,%E2%80%93%C2%A0
更多推荐
已为社区贡献10条内容
所有评论(0)