SecAst:在守护进程模式下过早退出
致D代:
这是构建secast-1.0.4.0-x86_64-ub12的一个新问题,而以前的构建没有出现这个问题,secast-1.0.1.0-x86_64-ub12。
当secast作为服务运行(服务分段启动)或以守护进程模式(/usr/local/ secast /secast)从命令行启动时,它在几秒钟后就会退出,而没有任何明显的原因。在启动上一个版本的secast时,它将按预期的方式运行,直到用户操作显式关闭为止。
当在前台运行最新构建的secast (/usr/local/secast/secast -f)时,这个问题并不明显。
下面是/var/log/secast文件的内容(请注意行"General,通过HUP接收到的关闭请求“),指示在守护进程模式下运行时出现的问题:
2014-06-25T15:14:43, 00000100, S, General, SecAst starting as daemon under process ID 2059
2014-06-25T15:14:43, 00001700, D, Database, Database manager thread started
2014-06-25T15:14:43, 00000100, D, General, SecAst version 1.0.4.0; build date Monday; June 23; 2014 11:44:00 PM EDT; Ubuntu 12 LTS; Intel 64-bit
2014-06-25T15:14:43, 00000108, D, General, SecAst state changing to starting
2014-06-25T15:14:43, 00000810, D, Controller, firewall (iptables) not flushed on start
2014-06-25T15:14:43, 00000504, I, Asterisk, Existing Asterisk log file (/var/log/asterisk/messages) open for monitoring
2014-06-25T15:14:43, 00000600, D, EventQueue, Security event queue starting
2014-06-25T15:14:43, 00000300, I, Controller, Telnet server listening on 0.0.0.0:3000
2014-06-25T15:14:43, 00001600, I, Controller, Pipe server listening
2014-06-25T15:14:43, 00001010, I, License, License file not present. Defaulting to free edition
2014-06-25T15:14:43, 00001300, D, GeoIp, Found GeoIP database version 2.0.1394137568 updated Thursday; March 6; 2014 3:26:08 PM EDT
2014-06-25T15:14:43, 00001302, I, GeoIp, Opened GeoIP database
2014-06-25T15:14:44, 00001705, D, Database, Opened database [secast] on host [localhost]
2014-06-25T15:14:44, 00001705, I, Database, Database open for archiving
2014-06-25T15:14:44, 00000800, D, Alert, Sent email: SecAst Incomplete Start
2014-06-25T15:14:44, 00000106, I, General, SecAst state changing to standby
2014-06-25T15:14:45, 00000800, D, Alert, Sent email: Entering standby state
2014-06-25T15:14:45, 00000102, I, General, Received shutdown request via HUP signal
2014-06-25T15:14:45, 00000601, D, EventQueue, Security event queue stopping
2014-06-25T15:14:45, 00000604, D, EventQueue, Flushed 0 event(s) from queue
2014-06-25T15:14:45, 00001706, I, Database, Database closed
2014-06-25T15:14:45, 00001701, D, Database, Database Manager stopped
2014-06-25T15:14:45, 00000110, D, General, SecAst state changing to stopping
2014-06-25T15:14:45, 00001211, D, Asterisk, Flushed 0 message(s) from received message queue
2014-06-25T15:14:45, 00001210, D, Asterisk, Flushed 0 message(s) from sent message queue
2014-06-25T15:14:45, 00001500, D, Controller, Flushed 0 user(s) from user watch list
2014-06-25T15:14:45, 00001303, I, GeoIp, Closed GeoIP database
2014-06-25T15:14:45, 00001307, D, GeoIp, Flushed 0 location(s) from geoIP cache
2014-06-25T15:14:46, 00000800, D, Alert, Sent email: SecAst Stopping
2014-06-25T15:14:46, 00001602, I, Controller, Pipe server stopping
2014-06-25T15:14:46, 00000506, I, Asterisk, Asterisk log file closing
2014-06-25T15:14:46, 00000201, I, Controller, Telnet server stopping
2014-06-25T15:14:46, 00000808, D, Controller, firewall (iptables) not flushed on shutdown
2014-06-25T15:14:46, 00001400, D, Controller, Flushed 0 IP('s) from IP watch list
2014-06-25T15:14:46, 00000903, D, ThreatInfo, Flushed 0 IP('s) from internal blocked list
2014-06-25T15:14:46, 00000101, S, General, SecAst terminating with exit code 0 (Normal termination) after running for 3 second(s)注意:在一个会话中,/usr/local/secast/secast在一次尝试中成功地保持了打开状态,但问题在重新启动计算机时再次出现。
考虑到之前的构建在这方面似乎像预期的那样工作,这是否需要一个代码修复?
回答 1
Server Fault用户
发布于 2014-06-26 01:03:11
SecAst正在停止,因为它正在接收来自Linux的HUP信号,请注意日志中的行:
2014-06-25T15:14:45, 00000102, I, General, Received shutdown request via HUP signal当接收到HUP信号时,应用程序必须关闭。所以问题是为什么SecAst会接收到一个HUP信号。
很可能,SecAst从secast init.d服务脚本接收了一个关闭请求(它使用HUP信号通知SecAst可执行文件正确关闭)。您/某人/ cron /等是否有可能发出“服务分段停止”?检查您的syslog -任何来自SecAst init脚本的条目?
https://serverfault.com/questions/607924
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号