Visit Our UNIX and Linux User Community


Way to find source of a kill -9 in Solaris


 
Thread Tools Search this Thread
Operating Systems Solaris Way to find source of a kill -9 in Solaris
# 1  
Old 08-11-2014
Way to find source of a kill -9 in Solaris

Hello Guys,

Someone or, some tool has killed the application process with signal 9 (kill -9) . How to track that in Solaris?

On AIX we can use light-weight tool called ProbeVue to track it but not sure how to do it on Solaris. Appreciate your help.

Kelly
# 2  
Old 08-11-2014
Try dtrace(1M).
# 3  
Old 08-11-2014
See this:

https://wikis.oracle.com/display/DTrace/proc+Provider

Probably something like this:

Code:
proc:::signal_send
/ args[ 1 ]->pr_fname == "YourAppBinaryNameHere" /
{
    printf( "%s PID %d from %d is sending signal %d to app\n",
        execname, pid, uid, args[ 2 ] );
}

# 4  
Old 08-12-2014
This signal would have to have come from either:-
  • A superuser account
  • The account owning/running the process
  • The process itself
  • A user account that can get elevated privileges (e.g. with sudo or running a SUID code)
Does that narrow your targets down?

If it's a historical thing, then you can't find it, unless the process dumped memory and it's buried in there, but even so you might have trouble identifying who actually did it.

For sudo usage, these are normally logged by the syslog daemon, do if you know the event time, perhaps you can work through that too.

Previous Thread | Next Thread
Test Your Knowledge in Computers #844
Difficulty: Medium
Bittorent, Gnutella and other distributed file transfers systems use do not user peer-to-peer, by default.
True or False?

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Solaris, grant user to kill another process

the task is grant user1 to kill another (for example user2) process. My steps: by root: usermod -P "Process Management" user1 login user1 user1@server (~) pfexec kill <PID> the result is: ksh: <PID>: not found or user1@server (~) pfexec pkill <PID> the result: nothing happens, still... (0 Replies)
Discussion started by: dsyberia
0 Replies

2. Linux

Find a process ID,kill it and restart agent

#!/bin/bash #This shell finds the pid of the hawkagent and kills and restarts to put the rulebase into effect output=`ps aux|grep hawkagent` #The set -- below helps to parse the above ps output into words and $2 gives the 2nd word which is pid set -- $output pid=$2 #Checks if pid of hawkagent... (12 Replies)
Discussion started by: samrat dutta
12 Replies

3. HP-UX

Way to find source of a kill -9 in HP-UX

Hello Guys, Someone or, some tool has killed the application process with signal 9 (kill -9) . How to track that in HP-UX? On AIX we can use light-weight tool called ProbeVue to track it but not sure how to do it on HP-UX. Appreciate your help. Kelly Closed because this is... (0 Replies)
Discussion started by: aixusrsys
0 Replies

4. Shell Programming and Scripting

Find the Pid and Kill the Process after a Few Minutes

hi guys i had written a shell script Display Information of all the File Systems i want to find the pid and kill the process after few minutes.how can i obtain the pid and kill it??? sample.sh df -a >> /tmp/size.log and my cron to execute every minute every hour every day * *... (5 Replies)
Discussion started by: azherkn3
5 Replies

5. Shell Programming and Scripting

shell script to find a process by name and kill it

hi, Am a newbie to unix and wasnt able to write script to my requirement. I need a shell script, which should find a process by name and kill it. For eg: let the process name be "abc". I have different processes running by this name(abc), so should kill them all. Condition would be: if... (7 Replies)
Discussion started by: fop4658
7 Replies

6. Shell Programming and Scripting

Help with find and source directories

Hi, How can i find the types of files in some directory(~/mydir) that start with word "fix" then followed by number 3, 4, 7 or 8 and end with .ccp or .in How can i find the total number of files that are larger than 5000 bytes in specific directory?, I can do it by current directory by using ... (4 Replies)
Discussion started by: kim1980
4 Replies

7. AIX

How to find out and kill all processes for a user?

Hi! We are using AIX 5.3. Can anyone please guide me to find out all the running processes for a specific user, say ' admin' and also kill them by force. Thanks! atech (9 Replies)
Discussion started by: atechcorp
9 Replies

8. UNIX for Advanced & Expert Users

how to kill threads in solaris

Any idea how to kill threads (not processes) in solaris? I had checked the man pages for both kill and pkill to no avail. (9 Replies)
Discussion started by: izy100
9 Replies

9. UNIX for Dummies Questions & Answers

not able to kill find with kill -9

Hello everyone I am using HP Ux and had run a find command. Now I am trying to kill it with kill or kill -9 but it is not getting killed and still running. Any clues ? Thanks Sidhu (5 Replies)
Discussion started by: Amardeep
5 Replies

10. UNIX for Dummies Questions & Answers

kill scripts under Solaris

I should know this, but do K scripts in the /etc/rc?.d directories get run in numerically ascending or descending order? By default there are none in rc3.d. Is it OK to put 2 in there, and will they be run first (which is my goal). Thanks, Chuck (1 Reply)
Discussion started by: 98_1LE
1 Replies

Featured Tech Videos