[BlueOnyx:06742] Re: cced gone wild

MuntadaNet Webmaster webmaster at muntada.com
Fri Mar 18 04:31:19 -05 2011 

Thanks Michael Arnoff and Michael Stauber for this.  Unfortunately, 
it did not work but I do have some observations.

First, I really didn't see anything wrong with the output.  However, 
just for the heck, I did go ahead and delete the two databases.  When 
I went to the GUI, it just hung there.  It never showed anything and 
what I noticed is that immediately, I got several cced processes showing up.

So although it didn't fix the issue, it did reveal yet another symptom.

Regards,

Rashid

At 08:17 PM 3/18/2011, you wrote:
>Sorry I am late to this thread, but I was not sure at first if my problem
>and yours were related.
>
>I had a similar problem that turned out to be related to pam_abl. It seemed
>that pam_abl was not purging it's blacklist history properly so as it tried
>to do its thing cce was hanging.
>
>Your problem seems a little different but try the following anyway. It came
>from Michael @ Solarspeed
>
>As root and from the console run this command:
>
>/etc/init.d/pam_abl status
>
>It should show a list of blocked hosts and users and also the date and time
>of the events. Check this output for two things:
>
>a) You should see no error message that indicate a corruption of the PAM_ABL
>database.
>
>b) You should see no events older than say a week.
>
>If you see events older than a week OR get an error message that indicates a
>corruption of the PAM_ABL database. Like in the case that I had recently,
>the corruption of the database no longer allowed removal of old records, so
>the PAM_ABL lists got so long that the GUI literally choked on processing
>and displaying them.
>
>To fix this issue run these two commands:
>
>rm /var/lib/abl/hosts.db
>rm /var/lib/abl/users.db
>
>That will delete the PAM_ABL databases. They will get recreated
>automatically, so no worries there.
>
>Then restart CCEd for good measure and check the PAM_ABL blocks again in the
>GUI:
>/etc/init.d/cced.init restart
>(this part is important!, cced is not updated about the fix until after it
>tries to sync with the pam_abl database, so go to the GUI , under security,
>failed logins. It might take a moment to come up, that is cced syncing to
>the now empty pam_abl)
>
>I had corrupted pam_abl databases on 3 out of 4 of my BX servers. This fixed
>them right up.
>
>Hope it helps you.
>
>M Aronoff Out
>
>
>
>_______________________________________________
>Blueonyx mailing list
>Blueonyx at blueonyx.it
>http://www.blueonyx.it/mailman/listinfo/blueonyx

More information about the Blueonyx mailing list