Bom auditd service

Discussion in 'Dedicated Server dan Colocation' started by GriyaHosting, 4 Aug 2011.

Thread Status:
Not open for further replies.
  1. GriyaHosting

    GriyaHosting Expert 1.0

    Messages:
    966
    Likes Received:
    76
    Trophy Points:
    28
    Dear all,
    apakah teman sudah ada yang mengalami kasus seperti ini pada log ?

    audit: audit_backlog=321 > audit_backlog_limit=320
    audit: audit_lost=54 audit_rate_limit=0 audit_backlog_limit=320
    audit: backlog limit exceeded
    audit: audit_backlog=321 > audit_backlog_limit=320
    audit: audit_lost=55 audit_rate_limit=0 audit_backlog_limit=320
    audit: backlog limit exceeded
    audit: audit_backlog=321 > audit_backlog_limit=320
    audit: audit_lost=56 audit_rate_limit=0 audit_backlog_limit=320
    audit: backlog limit exceeded
    audit: audit_backlog=321 > audit_backlog_limit=320

    Aug 4 11:14:18 joglo-1 kernel: type=1106 audit(1312429965.347:52): user pid=9025 uid=0 auid=0 msg='PAM: session close acct="root" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'


    Mohon pencerahan dan pemecahannya ..
     
  2. GriyaHosting

    GriyaHosting Expert 1.0

    Messages:
    966
    Likes Received:
    76
    Trophy Points:
    28
    hmmm mulai menyusul pada server yang lainnya, ... mungkinkah bug kernel ?
     
  3. andhi

    andhi Hosting Guru

    Messages:
    1,678
    Likes Received:
    132
    Trophy Points:
    63
    kayanya bug kernel itu
     
  4. perdhanahost

    perdhanahost Expert 1.0

    Messages:
    986
    Likes Received:
    147
    Trophy Points:
    43
  5. GriyaHosting

    GriyaHosting Expert 1.0

    Messages:
    966
    Likes Received:
    76
    Trophy Points:
    28
    saat ini /etc/audit/audit.rules -b saya naikkan ke 12000
    dan update kernel, belum ada masalah lagi,
    dan di kernel yang baru saya lihat di group ada tambahan selinux=0 :confused:
    apa mungkin karena selinux ?
     
  6. perdhanahost

    perdhanahost Expert 1.0

    Messages:
    986
    Likes Received:
    147
    Trophy Points:
    43
    Bisa jadi. Pada umumnya, SELinux tidak dibutuhkan. Kecuali memang dibutuhkan untuk mengakomodasi rules tertentu, atau dibutuhkan oleh aplikasi tertentu mungkin sebaiknya dimatikan saja.

    Semoga membantu. :)
     
  7. op3l

    op3l Beginner 2.0

    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    SELinux lebih baik dihidupkan jika server sudah stabil dan dimatikan jika server ingin di oprek" tapi default kayaknya dimatiin.
     
  8. GriyaHosting

    GriyaHosting Expert 1.0

    Messages:
    966
    Likes Received:
    76
    Trophy Points:
    28
    Kalau di hidupkan problem lagi mas .. bagaimana bisa stabil ?:17:
     
  9. ngaco

    ngaco Apprentice 1.0

    Messages:
    218
    Likes Received:
    20
    Trophy Points:
    18
  10. GriyaHosting

    GriyaHosting Expert 1.0

    Messages:
    966
    Likes Received:
    76
    Trophy Points:
    28
    bukannya cpanel berjalan jika selinux dinonaktifkan ?
     
Loading...
Thread Status:
Not open for further replies.

Share This Page

Loading...