[MLUG] My CentOS server reboots unexpextedly
Georgi Stoynev
georgi82 at gmail.com
Thu Mar 26 12:44:35 EDT 2009
I forgot:
[root at srv1 ~]# cat /var/log/secure
Mar 23 10:01:04 srv1 login: pam_unix(login:session): session opened for user
root by LOGIN(uid=0)
Mar 23 10:01:04 srv1 login: ROOT LOGIN ON tty1
Mar 23 10:28:32 srv1 login: pam_unix(login:session): session opened for user
root by LOGIN(uid=0)
Mar 23 10:28:32 srv1 login: ROOT LOGIN ON tty2
Mar 23 10:28:57 srv1 login: pam_unix(login:session): session closed for user
root
Mar 23 10:30:17 srv1 login: pam_unix(login:session): session opened for user
root by LOGIN(uid=0)
Mar 23 10:30:17 srv1 login: ROOT LOGIN ON tty1
Mar 23 16:13:40 srv1 sshd[29002]: Connection closed by 192.168.2.152
Mar 23 16:53:56 srv1 sshd[29183]: Accepted password for non_root_user from
192.168.3.2 port 52901 ssh2
Mar 23 16:53:56 srv1 sshd[29183]: pam_unix(sshd:session): session opened for
user non_root_user by (uid=0)
Mar 23 16:54:02 srv1 su: pam_unix(su-l:session): session opened for user
root by non_root_user(uid=500)
Mar 23 16:53:30 srv1 su: pam_unix(su-l:session): session closed for user
root
Mar 23 16:53:32 srv1 sshd[29183]: pam_unix(sshd:session): session closed for
user non_root_user
*Mar 26 12:03:58 srv1 login: pam_unix(login:session): session closed for
user root
Mar 26 12:03:58 srv1 login: pam_unix(login:session): session closed for user
root*
Mar 26 12:05:35 srv1 sshd[2887]: Received signal 15; terminating.
Mar 26 12:09:05 srv1 sshd[2896]: Server listening on :: port 2222.
Mar 26 12:09:05 srv1 sshd[2896]: error: Bind to port 2222 on 0.0.0.0 failed:
Address already in use.
Mar 26 13:08:10 srv1 login: pam_unix(login:session): session opened for user
root by LOGIN(uid=0)
Mar 26 13:08:10 srv1 login: ROOT LOGIN ON tty1
Mar 26 13:14:19 srv1 login: pam_unix(login:session): session opened for user
root by LOGIN(uid=0)
Mar 26 13:14:19 srv1 login: ROOT LOGIN ON tty2
Mar 26 13:15:43 srv1 login: pam_unix(login:session): session opened for user
root by LOGIN(uid=0)
Mar 26 13:15:43 srv1 login: ROOT LOGIN ON tty3
Mar 26 13:22:35 srv1 login: pam_unix(login:session): session opened for user
root by LOGIN(uid=0)
Mar 26 13:22:35 srv1 login: ROOT LOGIN ON tty4
Mar 26 13:35:37 srv1 login: pam_unix(login:session): session closed for user
root
Mar 26 13:36:43 srv1 login: pam_unix(login:session): session closed for user
root
Mar 26 13:39:41 srv1 login: pam_unix(login:session): session closed for user
root
Mar 26 13:48:48 srv1 login: pam_unix(login:session): session closed for user
root
Mar 26 13:50:58 srv1 login: pam_unix(login:session): session opened for user
root by LOGIN(uid=0)
Mar 26 13:50:58 srv1 login: ROOT LOGIN ON tty1
Mar 26 13:51:11 srv1 login: pam_unix(login:session): session closed for user
root
Mar 26 13:53:13 srv1 login: pam_unix(login:session): session opened for user
root by LOGIN(uid=0)
Mar 26 13:53:13 srv1 login: ROOT LOGIN ON tty1
Mar 26 13:53:35 srv1 login: pam_unix(login:session): session opened for user
root by LOGIN(uid=0)
Mar 26 13:53:35 srv1 login: ROOT LOGIN ON tty2
Mar 26 14:16:27 srv1 login: pam_unix(login:session): session closed for user
root
Mar 26 14:16:32 srv1 login: pam_unix(login:session): session closed for user
root
Mar 26 17:41:29 srv1 sshd[8395]: Accepted password for non_root_user from
192.168.2.153 port 1123 ssh2
Mar 26 17:41:29 srv1 sshd[8395]: pam_unix(sshd:session): session opened for
user non_root_user by (uid=0)
Mar 26 17:41:35 srv1 su: pam_unix(su-l:session): session opened for user
root by non_root_user(uid=500)
[root at srv1 ~]#
I didn't log into the server at that time.
Any thoughts?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/mlug-listserv.mlug.ca/attachments/20090326/25e4547a/attachment.htm
More information about the mlug
mailing list