lawrence@lemmy.worldM to Comic Strips@lemmy.world · 5 months agoLinux processeslemmy.worldimagemessage-square67fedilinkarrow-up1572
arrow-up1572imageLinux processeslemmy.worldlawrence@lemmy.worldM to Comic Strips@lemmy.world · 5 months agomessage-square67fedilink
minus-squareRexelpitlum@discuss.tchncs.delinkfedilinkarrow-up22·5 months ago/var/log has been deleted, you say… I think we all know what this means, don’t we?
minus-squareRexelpitlum@discuss.tchncs.delinkfedilinkarrow-up14·5 months ago Hint ls -ld /var/log drwxrwxr-x 18 root syslog 4096 Aug 11 08:13 /var/log
minus-squareverstra@programming.devlinkfedilinkarrow-up8·5 months agoI have no clue. Root nuked the logs? Why? OOM killer does not do that.
minus-squareRexelpitlum@discuss.tchncs.delinkfedilinkarrow-up13·5 months agoWell, there is only one who could have erased all traces of the SIGKILL… And only the SIGKILLER would have had reason to do so…
minus-squareverstra@programming.devlinkfedilinkarrow-up2·5 months agoAhh ok, so it is the obvious one.
minus-squareRexelpitlum@discuss.tchncs.delinkfedilinkarrow-up1·5 months agoNo, actually it is the boring solution. I has been a user. Here is the follow-up comic: https://turnoff.us/geek/who-killed-mysql-epilogue/
minus-squarehemko@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up7·5 months agoThat seems so obvious I think we’re missing something
minus-squareRexelpitlum@discuss.tchncs.delinkfedilinkarrow-up9·5 months agoWhatever, we have a suspect. Bring in GDB to do the interrogation! And perhaps also call Nice, he can play the good cop…
minus-squarehemko@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up6·5 months agoForgive me my ignorance, but since Apache is running as root, couldn’t PHP inherit it’s permissions?
minus-squarelawrence@lemmy.worldOPMlinkfedilinkarrow-up5·5 months agoThe Apache main process runs as root. When it receives a request, it spawns a child process that doesn’t run as root. PHP runs as the same user as the Apache child process.
minus-squarejollyrogue@lemmy.mllinkfedilinkarrow-up4·5 months agoOr PHP runs in its own fastcgi like process under a different account.
/var/log has been deleted, you say…
I think we all know what this means, don’t we?
Hint
ls -ld /var/log drwxrwxr-x 18 root syslog 4096 Aug 11 08:13 /var/log
I have no clue. Root nuked the logs? Why? OOM killer does not do that.
Well, there is only one who could have erased all traces of the SIGKILL…
And only the SIGKILLER would have had reason to do so…
Ahh ok, so it is the obvious one.
No, actually it is the boring solution. I has been a user.
Here is the follow-up comic:
https://turnoff.us/geek/who-killed-mysql-epilogue/
That seems so obvious I think we’re missing something
Whatever, we have a suspect.
Bring in GDB to do the interrogation! And perhaps also call Nice, he can play the good cop…
Forgive me my ignorance, but since Apache is running as root, couldn’t PHP inherit it’s permissions?
The Apache main process runs as root. When it receives a request, it spawns a child process that doesn’t run as root. PHP runs as the same user as the Apache child process.
Or PHP runs in its own fastcgi like process under a different account.