[UIMA-3829] DUCC Agent should skip over processes owned by UID < 500 when detecting rogues - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.0.0-Ducc
Fix Version/s: 1.1.0-Ducc
Component/s: DUCC
Labels:
None

Description

Modify rogue process detector to skip over processes owned by UID < 500. By convention these are system processes and thus not rogue. This simplifies configuration of DUCC. Currently DUCC admin must maintain a list of users to skip in the exclusion list defined in ducc.properties.

Wikipedia says:
"Convention reserves UIDs from 1 to 100 for system use; some manuals recommend reserving UIDs from 101 up to 499 (Red Hat Enterprise Linux) or even up to 999 (Debian) as well. "
Recent SLES systems show in /etc/login.defs:
SYSTEM_GID_MAX 499

Attachments

Activity

People

Assignee:: Jaroslaw Cwiklik

Reporter:: Jaroslaw Cwiklik

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 16/May/14 17:16

Updated:: 22/May/14 16:15

Resolved:: 22/May/14 16:15