记录日志：腾讯云服务器遭遇挖矿病毒 清除操作日志

你未必出类拔萃，但一定与众不同

12月16日下午16时许

腾讯云服务器部署项目时，项目不管上没上线，tomcat原本是启动的，但是非正常原因断开连接，结束

重新启动多次tomcat发现都会非正常关闭，查看服务器cpu使用率奇高无比，最高的时候一个达到97%的CPU占用率，发现不明进程正在运行，百度一下发现是挖矿病毒，还是两种；记录一下操作日志，方便以后再次清除；

[root@VM-0-6-centos bin]# top -Htop - 16:57:21 up 2 days, 1:57, 1 user, load average: 1.80, 1.24, 1.58Threads: 172 total, 5 running, 167 sleeping, 0 stopped, 0 zombie%Cpu(s): 92.0 us, 5.6 sy, 2.3 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 stKiB Mem : 1882192 total, 558396 free, 1077448 used, 246348 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 659916 avail Mem Unknown command - try 'h' for help PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 15631 root20 0 712076 1624 880 R 44.4 0.1 1:15.56 kdevtmpfsi3958714352 nobody 30 10 162640 26024 416 S 3.0 1.4 0:29.97 networkservice14354 nobody 30 10 162640 26024 416 S 2.6 1.4 0:28.77 networkservice14401 nobody 30 10 162640 26024 416 S 2.6 1.4 0:23.59 networkservice15148 nobody 30 10 162640 26024 416 R 1.3 1.4 0:20.37 networkservice14351 nobody 30 10 162640 26024 416 S 0.3 1.4 0:07.77 networkservice15581 root20 0 162064 2340 1596 R 0.3 0.1 0:00.38 top 1 root20 0 43448 2764 1508 S 0.0 0.1 0:04.44 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.25 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 S 0.0 0.0 0:39.11 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.28 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.41 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:00.95 kauditd [1]+ Stopped top -H[root@VM-0-6-centos bin]# top -Htop - 16:57:37 up 2 days, 1:57, 1 user, load average: 1.18, 1.31, 1.60Threads: 175 total, 5 running, 169 sleeping, 1 stopped, 0 zombie%Cpu(s): 92.0 us, 5.0 sy, 2.7 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 stKiB Mem : 1882192 total, 555896 free, 1079872 used, 246424 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 657488 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 15631 root20 0 712076 1624 880 R 44.9 0.1 1:22.81 kdevtmpfsi3958714352 nobody 30 10 162640 26024 416 S 2.7 1.4 0:30.42 networkservice14401 nobody 30 10 162640 26024 416 S 2.7 1.4 0:24.05 networkservice14354 nobody 30 10 162640 26024 416 R 1.7 1.4 0:28.82 networkservice15148 nobody 30 10 162640 26024 416 S 1.0 1.4 0:20.81 networkservice14351 nobody 30 10 162640 26024 416 S 0.3 1.4 0:07.85 networkservice1 root20 0 43448 2764 1508 S 0.0 0.1 0:04.44 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.25 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 R 0.0 0.0 0:39.12 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.28 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.41 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:00.95 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh [2]+ Stopped top -H[root@VM-0-6-centos bin]# ps -ef|kdevtmpfsi39587-bash: kdevtmpfsi39587: command not found[root@VM-0-6-centos bin]# ps -ef|grep kdevtmpfsi39587root155911 40 16:54 ? 00:01:32 /tmp/kdevtmpfsi395879277root15778 14789 0 16:57 pts/0 00:00:00 grep --color=auto kdevtmpfsi39587[root@VM-0-6-centos bin]# top -Htop - 17:01:45 up 2 days, 2:01, 1 user, load average: 1.75, 1.17, 1.48Threads: 172 total, 5 running, 165 sleeping, 2 stopped, 0 zombie%Cpu(s): 66.7 us, 33.0 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 stKiB Mem : 1882192 total, 296720 free, 1091392 used, 494080 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 643808 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 15631 root20 0 712076 1624 880 R 25.5 0.1 3:08.78 kdevtmpfsi3958717582 nobody 20 0 75168 22680 412 S 21.5 1.2 0:01.62 networkservice17233 nobody 20 0 75168 22680 412 R 14.2 1.2 0:05.67 networkservice17237 nobody 20 0 75168 22680 412 S 9.3 1.2 0:04.12 networkservice17234 nobody 20 0 75168 22680 412 S 2.6 1.2 0:00.80 networkservice10545 mysql20 0 1357216 392496 976 R 0.3 20.9 0:20.05 mysqld 17579 root20 0 162064 2352 1596 R 0.3 0.1 0:00.04 top 1 root20 0 43448 3292 2036 S 0.0 0.2 0:04.46 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.27 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 R 0.0 0.0 0:39.19 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.28 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.45 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:00.95 kauditd [root@VM-0-6-centos bin]# ps -ef|grep networkservicenobody 172331 23 17:00 ? 00:00:21 /etc/networkserviceroot17617 14789 0 17:01 pts/0 00:00:00 grep --color=auto networkservice[root@VM-0-6-centos bin]# kill -9 17233[root@VM-0-6-centos bin]# kill -9 15631[root@VM-0-6-centos bin]# top -Htop - 17:05:55 up 2 days, 2:05, 1 user, load average: 1.75, 1.25, 1.62Threads: 173 total, 3 running, 168 sleeping, 2 stopped, 0 zombie%Cpu(s): 97.3 us, 2.7 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 stKiB Mem : 1882192 total, 310260 free, 1075940 used, 495992 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 659432 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 17710 root20 0 515468 1616 864 R 76.7 0.1 1:27.30 kdevtmpfsi1874917665 root20 0 000 S 0.3 0.0 0:00.01 kworker/0:0 1 root20 0 43448 3376 2120 S 0.0 0.2 0:04.46 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.29 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 S 0.0 0.0 0:39.24 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.28 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.46 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:00.96 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh 241 root 0 -20 000 S 0.0 0.0 0:03.69 kworker/0:1H 246 root 0 -20 000 S 0.0 0.0 0:00.03 ata_sff 250 root20 0 000 S 0.0 0.0 0:00.00 scsi_eh_0 251 root 0 -20 000 S 0.0 0.0 0:00.00 scsi_tmf_0[3]+ Stopped top -H[root@VM-0-6-centos bin]# ps -ef|grep kdevtmpfsi18749 root176991 88 17:04 ? 00:01:33 /tmp/kdevtmpfsi187492391root19450 14789 0 17:06 pts/0 00:00:00 grep --color=auto kdevtmpfsi18749[root@VM-0-6-centos bin]# cd /var/spool/cron[root@VM-0-6-centos cron]# lsadmin apache backup.db crontab dump.rdb kinsingBYE57dMI5C kinsingtQIMxfptl0 nginx nobody red2.so redis root tomcat user web www www-data zzh[root@VM-0-6-centos cron]# rm -rf apache[root@VM-0-6-centos cron]# rm -rf nobody[root@VM-0-6-centos cron]# rm -rf root[root@VM-0-6-centos cron]# rm -rf www[root@VM-0-6-centos cron]# chattr -i sysupdate-bash: chattr: command not found[root@VM-0-6-centos cron]# rm -rf sysupdate[root@VM-0-6-centos cron]# cd /tmp[root@VM-0-6-centos tmp]# lskdevtmpfsi redis2[root@VM-0-6-centos tmp]# chattr -i kdevtmpfis-bash: chattr: command not found[root@VM-0-6-centos tmp]# chattr -i kdevtmpfsi-bash: chattr: command not found[root@VM-0-6-centos tmp]# chattr -i kdevtmpfsi-bash: chattr: command not found[root@VM-0-6-centos tmp]# rm -rf kdevtmpfsirm: cannot remove ‘kdevtmpfsi’: Operation not permitted[root@VM-0-6-centos tmp]# lsattr----i--------e-- ./kdevtmpfsi----i--------e-- ./redis2[root@VM-0-6-centos tmp]# chattr -i .user.ini-bash: chattr: command not found[root@VM-0-6-centos tmp]# chattr -i ./kdevtmpfsi-bash: chattr: command not found[root@VM-0-6-centos tmp]# chattr -i ----i--------e-- ./kdevtmpfsi-bash: chattr: command not found[root@VM-0-6-centos tmp]# chattr -e ./^C[root@VM-0-6-centos tmp]# chattr -e ./kdevtmpfsi-bash: chattr: command not found[root@VM-0-6-centos tmp]# chattr -i zigw-bash: chattr: command not found[root@VM-0-6-centos tmp]# lsattr kdevtmpfsi----i--------e-- kdevtmpfsi[root@VM-0-6-centos tmp]# top -Htop - 17:17:37 up 2 days, 2:17, 1 user, load average: 1.07, 1.93, 1.84Threads: 172 total, 5 running, 164 sleeping, 3 stopped, 0 zombie%Cpu(s): 92.0 us, 5.6 sy, 2.3 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 stKiB Mem : 1882192 total, 281676 free, 1097448 used, 503068 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 637660 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 17710 root20 0 515468 1616 864 R 44.4 0.1 6:43.06 kdevtmpfsi1874919397 nobody 30 10 153384 30072 416 S 3.3 1.6 0:15.81 networkservice19429 nobody 30 10 153384 30072 416 R 3.3 1.6 0:15.48 networkservice19427 nobody 30 10 153384 30072 416 R 3.0 1.6 0:01.91 networkservice19426 nobody 30 10 153384 30072 416 R 0.3 1.6 0:03.26 networkservice1 root20 0 43448 3376 2120 S 0.0 0.2 0:04.48 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.31 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 S 0.0 0.0 0:39.44 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.28 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.47 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:00.96 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh 241 root 0 -20 000 S 0.0 0.0 0:03.70 kworker/0:1H [4]+ Stopped top -H[root@VM-0-6-centos tmp]# netstat -ntlpActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 00 0.0.0.0:22 0.0.0.0:*LISTEN1244/sshd tcp 00 0.0.0.0:6379 0.0.0.0:*LISTEN1330/redis-server * tcp6 00 :::31458:::*LISTEN10901/./kinsingtQIM tcp6 00 :::33060:::*LISTEN10400/mysqld tcp6 00 :::3306 :::*LISTEN10400/mysqld tcp6 00 :::6379 :::*LISTEN1330/redis-server * [root@VM-0-6-centos tmp]# netstat -ntulp |grep 31458tcp6 00 :::31458:::*LISTEN10901/./kinsingtQIM [root@VM-0-6-centos tmp]# rm -rf kdevtmpfsi rm: cannot remove ‘kdevtmpfsi’: Operation not permitted[root@VM-0-6-centos tmp]# top -Htop - 17:28:34 up 2 days, 2:28, 1 user, load average: 1.92, 1.86, 1.86Threads: 173 total, 5 running, 164 sleeping, 4 stopped, 0 zombie%Cpu(s): 92.3 us, 5.0 sy, 2.7 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 stKiB Mem : 1882192 total, 279468 free, 1097088 used, 505636 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 637564 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 17710 root20 0 515468 1616 864 R 44.7 0.1 11:37.59 kdevtmpfsi1874919397 nobody 30 10 154444 30592 416 R 3.3 1.6 0:32.48 networkservice19427 nobody 30 10 154444 30592 416 S 3.3 1.6 0:16.85 networkservice19472 nobody 30 10 154444 30592 416 S 2.3 1.6 0:29.63 networkservice19429 nobody 30 10 154444 30592 416 S 0.7 1.6 0:31.33 networkservice6 root20 0 162064 2352 1596 R 0.7 0.1 0:00.02 top 1330 root20 0 142504 2932 1144 S 0.3 0.2 2:01.08 redis-server 19426 nobody 30 10 154444 30592 416 R 0.3 1.6 0:06.62 networkservice1 root20 0 43448 3376 2120 S 0.0 0.2 0:04.49 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.33 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 S 0.0 0.0 0:39.63 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.28 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.47 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq [5]+ Stopped top -H[root@VM-0-6-centos tmp]# systemctl status 17710● redisd.service - SYSV: Redis is a persistent key-value databaseLoaded: loaded (/etc/rc.d/init.d/redisd; bad; vendor preset: disabled)Active: active (running) since Mon -12-14 15:00:25 CST; 2 days agoDocs: man:systemd-sysv-generator(8)Process: 1269 ExecStart=/etc/rc.d/init.d/redisd start (code=exited, status=0/SUCCESS)CGroup: /system.slice/redisd.service├─ 1330 /usr/local/bin/redis-server *:6379├─10901 ./kinsingtQIMxfptl0└─17699 /tmp/kdevtmpfsi187492391Dec 14 15:00:25 VM-0-6-centos systemd[1]: Starting SYSV: Redis is a persistent key-value database...Dec 14 15:00:25 VM-0-6-centos redisd[1269]: Starting Redis server...Dec 14 15:00:25 VM-0-6-centos redisd[1269]: 1274:C 14 Dec 15:00:25.839 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0OoDec 14 15:00:25 VM-0-6-centos redisd[1269]: 1274:C 14 Dec 15:00:25.839 # Redis version=4.0.6, bits=64, commit=00000000, modified=0, pid=1274, just startedDec 14 15:00:25 VM-0-6-centos redisd[1269]: 1274:C 14 Dec 15:00:25.839 # Configuration loadedDec 14 15:00:25 VM-0-6-centos systemd[1]: Started SYSV: Redis is a persistent key-value database.[root@VM-0-6-centos tmp]# kill kdevtmpfsi-bash: kill: kdevtmpfsi: arguments must be process or job IDs[root@VM-0-6-centos tmp]# kill -9 17710[root@VM-0-6-centos tmp]# top -Htop - 17:31:27 up 2 days, 2:31, 1 user, load average: 1.59, 1.73, 1.81Threads: 167 total, 4 running, 158 sleeping, 5 stopped, 0 zombie%Cpu(s): 82.5 us, 11.9 sy, 5.3 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 stKiB Mem : 1882192 total, 74388 free, 1097344 used, 710460 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 638952 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 19427 nobody 30 10 154444 31052 416 R 7.6 1.6 0:21.23 networkservice19472 nobody 30 10 154444 31052 416 S 5.6 1.6 0:33.03 networkservice19397 nobody 30 10 154444 31052 416 S 3.0 1.6 0:37.37 networkservice19426 nobody 30 10 154444 31052 416 R 1.0 1.6 0:07.57 networkservice19429 nobody 30 10 154444 31052 416 S 0.3 1.6 0:35.49 networkservice5 root20 0 162064 2356 1608 R 0.3 0.1 0:00.03 top 1 root20 0 43448 3468 2180 S 0.0 0.2 0:04.50 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.33 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 R 0.0 0.0 0:39.68 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.33 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.47 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:00.97 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh [6]+ Stopped top -H[root@VM-0-6-centos tmp]# kill -9 19427[root@VM-0-6-centos tmp]# kill -9 19472-bash: kill: (19472) - No such process[root@VM-0-6-centos tmp]# kill -9 19397-bash: kill: (19397) - No such process[root@VM-0-6-centos tmp]# top -Htop - 17:33:08 up 2 days, 2:32, 1 user, load average: 1.07, 1.16, 1.60Threads: 174 total, 4 running, 164 sleeping, 6 stopped, 0 zombie%Cpu(s):100.0 us, 0.0 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 stKiB Mem : 1882192 total, 83416 free, 1080664 used, 718112 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 655848 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 20253 root20 0 712076 1620 872 R 49.5 0.1 0:24.23 kdevtmpfsi453769 root20 0 000 R 0.3 0.0 0:39.70 rcu_sched 1330 root20 0 142504 2932 1144 S 0.3 0.2 2:01.26 redis-server 10545 mysql20 0 1357216 392556 1036 S 0.3 20.9 0:22.05 mysqld 1 root20 0 43448 3468 2180 S 0.0 0.2 0:04.50 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.34 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.33 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.47 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:00.97 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh 241 root 0 -20 000 S 0.0 0.0 0:03.71 kworker/0:1H 246 root 0 -20 000 S 0.0 0.0 0:00.03 ata_sff 250 root20 0 000 S 0.0 0.0 0:00.00 scsi_eh_0 [7]+ Stopped top -H[root@VM-0-6-centos tmp]# sudo find / -name kdevtmpfsi*find: paths must precede expression: kdevtmpfsi453765361Usage: find [-H] [-L] [-P] [-Olevel] [-D help|tree|search|stat|rates|opt|exec] [path...] [expression][root@VM-0-6-centos tmp]# sudo rm -rf ...[root@VM-0-6-centos tmp]# sudo find / -name kinsing*^Z[8]+ Stopped sudo find / -name kinsing*[root@VM-0-6-centos tmp]# sudo rm -rf ...[root@VM-0-6-centos tmp]# ps -aux | grep kinsingroot10901 0.0 0.9 718464 18764 ? Sl Dec14 0:16 ./kinsingtQIMxfptl0root20287 0.0 0.2 243304 4636 pts/0 T 17:33 0:00 sudo find / -name kinsing*root20288 1.8 0.0 16 1364 pts/0 T 17:33 0:00 find / -name kinsing*root21979 0.0 0.0 112712 968 pts/0 R+ 17:34 0:00 grep --color=auto kinsing[root@VM-0-6-centos tmp]# kill -9 10901[root@VM-0-6-centos tmp]# kill -9 243304-bash: kill: (243304) - No such process[root@VM-0-6-centos tmp]# ps -aux | grep kinsingroot20287 0.0 0.2 243304 4636 pts/0 T 17:33 0:00 sudo find / -name kinsing*root20288 1.2 0.0 16 1364 pts/0 T 17:33 0:00 find / -name kinsing*root21997 0.0 0.0 112712 968 pts/0 R+ 17:34 0:00 grep --color=auto kinsing[root@VM-0-6-centos tmp]# kill -9 20287[root@VM-0-6-centos tmp]# kill -9 20288-bash: kill: (20288) - No such process[8]+ Killed sudo find / -name kinsing*[root@VM-0-6-centos tmp]# ps -aux | grep kinsingroot22002 0.0 0.0 112712 964 pts/0 R+ 17:35 0:00 grep --color=auto kinsing[root@VM-0-6-centos tmp]# kill -9 22002-bash: kill: (22002) - No such process[root@VM-0-6-centos tmp]# top -Htop - 17:37:13 up 2 days, 2:36, 1 user, load average: 1.53, 1.37, 1.59Threads: 176 total, 7 running, 162 sleeping, 7 stopped, 0 zombie%Cpu(s): 92.1 us, 5.0 sy, 2.6 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 stKiB Mem : 1882192 total, 84656 free, 1078008 used, 719528 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 651192 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 20253 root20 0 712076 1620 872 R 44.7 0.1 2:08.09 kdevtmpfsi4537621971 nobody 30 10 147844 21728 416 S 3.3 1.2 0:02.00 networkservice21941 nobody 30 10 147844 21728 416 R 2.6 1.2 0:03.42 networkservice21998 nobody 30 10 147844 21728 416 R 2.6 1.2 0:03.53 networkservice21970 nobody 30 10 147844 21728 416 R 0.7 1.2 0:00.60 networkservice10525 mysql20 0 1357216 392556 1036 S 0.3 20.9 0:00.23 mysqld 1 root20 0 43448 3468 2180 S 0.0 0.2 0:04.51 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.35 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 R 0.0 0.0 0:39.76 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.34 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.47 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:00.97 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh [root@VM-0-6-centos tmp]# find / -name kdevtmpfsi/tmp/kdevtmpfsi[root@VM-0-6-centos tmp]# rm -f kdevtmpfsirm: cannot remove ‘kdevtmpfsi’: Operation not permitted[root@VM-0-6-centos tmp]# lsattr kdevtmpfsi----i--------e-- kdevtmpfsi[root@VM-0-6-centos tmp]# chattr -i kdevtmpfsi-bash: chattr: command not found[root@VM-0-6-centos tmp]# find -name chattr[root@VM-0-6-centos tmp]# man chattr[8]+ Stopped man chattr[root@VM-0-6-centos tmp]# lsattr kdevtmpfsi----i--------e-- kdevtmpfsi[root@VM-0-6-centos tmp]# lltotal 3892-rw-r--r-- 1 nobody nobody487 Dec 16 17:35 500_og-rwxr-xr-x 1 root root 2 Nov 11 17:45 kdevtmpfsi-rwx--x--x 1 root root 3930448 Dec 16 17:31 kdevtmpfsi453765361-rwxr-xr-x 1 nobody nobody 37659 Dec 16 17:33 kow968kd-rw-r--r-- 1 root root 2 Nov 11 17:45 redis2[root@VM-0-6-centos tmp]# lltotal 8-rwxr-xr-x 1 root root 2 Nov 11 17:45 kdevtmpfsi-rw-r--r-- 1 root root 2 Nov 11 17:45 redis2[root@VM-0-6-centos tmp]# chattr -i redis2-bash: chattr: command not found[root@VM-0-6-centos tmp]# yum -y install e2fsprogsLoaded plugins: fastestmirror, langpacksDetermining fastest mirrorsepel | 4.7 kB 00:00:00extras | 2.9 kB 00:00:00mysql-connectors-community | 2.6 kB 00:00:00mysql-tools-community | 2.6 kB 00:00:00mysql80-community | 2.6 kB 00:00:00os | 3.6 kB 00:00:00updates | 2.9 kB 00:00:00(1/5): extras/7/x86_64/primary_db | 222 kB 00:00:00(2/5): epel/7/x86_64/updateinfo | 1.0 MB 00:00:00(3/5): os/7/x86_64/primary_db| 6.1 MB 00:00:00(4/5): updates/7/x86_64/primary_db | 3.7 MB 00:00:01(5/5): epel/7/x86_64/primary_db | 6.9 MB 00:00:01Resolving Dependencies--> Running transaction check---> Package e2fsprogs.x86_64 0:1.42.9-17.el7 will be updated---> Package e2fsprogs.x86_64 0:1.42.9-19.el7 will be an update--> Processing Dependency: libss = 1.42.9-19.el7 for package: e2fsprogs-1.42.9-19.el7.x86_64--> Processing Dependency: libcom_err(x86-64) = 1.42.9-19.el7 for package: e2fsprogs-1.42.9-19.el7.x86_64--> Processing Dependency: e2fsprogs-libs(x86-64) = 1.42.9-19.el7 for package: e2fsprogs-1.42.9-19.el7.x86_64--> Running transaction check---> Package e2fsprogs-libs.x86_64 0:1.42.9-17.el7 will be updated---> Package e2fsprogs-libs.x86_64 0:1.42.9-19.el7 will be an update---> Package libcom_err.x86_64 0:1.42.9-17.el7 will be updated--> Processing Dependency: libcom_err(x86-64) = 1.42.9-17.el7 for package: libcom_err-devel-1.42.9-17.el7.x86_64---> Package libcom_err.x86_64 0:1.42.9-19.el7 will be an update---> Package libss.x86_64 0:1.42.9-17.el7 will be updated---> Package libss.x86_64 0:1.42.9-19.el7 will be an update--> Running transaction check---> Package libcom_err-devel.x86_64 0:1.42.9-17.el7 will be updated---> Package libcom_err-devel.x86_64 0:1.42.9-19.el7 will be an update--> Finished Dependency ResolutionDependencies Resolved========================================================================================================================================================================PackageArch Version Repository Size========================================================================================================================================================================Updating:e2fsprogs x86_64 1.42.9-19.el7 os 701 kUpdating for dependencies:e2fsprogs-libs x86_64 1.42.9-19.el7 os 168 klibcom_err x86_64 1.42.9-19.el7 os 42 klibcom_err-devel x86_64 1.42.9-19.el7 os 32 klibss x86_64 1.42.9-19.el7 os 47 kTransaction Summary========================================================================================================================================================================Upgrade 1 Package (+4 Dependent packages)Total download size: 990 kDownloading packages:Delta RPMs disabled because /usr/bin/applydeltarpm not installed.(1/5): e2fsprogs-libs-1.42.9-19.el7.x86_64.rpm | 168 kB 00:00:00(2/5): libcom_err-1.42.9-19.el7.x86_64.rpm | 42 kB 00:00:00(3/5): libcom_err-devel-1.42.9-19.el7.x86_64.rpm | 32 kB 00:00:00(4/5): libss-1.42.9-19.el7.x86_64.rpm | 47 kB 00:00:00(5/5): e2fsprogs-1.42.9-19.el7.x86_64.rpm | 701 kB 00:00:00------------------------------------------------------------------------------------------------------------------------------------------------------------------------Total 2.4 MB/s | 990 kB 00:00:00Running transaction checkRunning transaction testTransaction test succeededRunning transactionUpdating : libcom_err-1.42.9-19.el7.x86_64 1/10 Updating : e2fsprogs-libs-1.42.9-19.el7.x86_64 2/10 Updating : libss-1.42.9-19.el7.x86_64 3/10 Updating : e2fsprogs-1.42.9-19.el7.x86_64 4/10 Updating : libcom_err-devel-1.42.9-19.el7.x86_64 5/10 Cleanup : e2fsprogs-1.42.9-17.el7.x86_64 6/10 Cleanup : libcom_err-devel-1.42.9-17.el7.x86_64 7/10 Cleanup : e2fsprogs-libs-1.42.9-17.el7.x86_64 8/10 Cleanup : libss-1.42.9-17.el7.x86_64 9/10 Cleanup : libcom_err-1.42.9-17.el7.x86_6410/10 Verifying : e2fsprogs-libs-1.42.9-19.el7.x86_64 1/10 Verifying : libcom_err-1.42.9-19.el7.x86_64 2/10 Verifying : e2fsprogs-1.42.9-19.el7.x86_64 3/10 Verifying : libcom_err-devel-1.42.9-19.el7.x86_64 4/10 Verifying : libss-1.42.9-19.el7.x86_64 5/10 Verifying : libss-1.42.9-17.el7.x86_64 6/10 Verifying : e2fsprogs-libs-1.42.9-17.el7.x86_64 7/10 Verifying : e2fsprogs-1.42.9-17.el7.x86_64 8/10 Verifying : libcom_err-1.42.9-17.el7.x86_64 9/10 Verifying : libcom_err-devel-1.42.9-17.el7.x86_6410/10 Updated:e2fsprogs.x86_64 0:1.42.9-19.el7 Dependency Updated:e2fsprogs-libs.x86_64 0:1.42.9-19.el7 libcom_err.x86_64 0:1.42.9-19.el7 libcom_err-devel.x86_64 0:1.42.9-19.el7 libss.x86_64 0:1.42.9-19.el7Complete![root@VM-0-6-centos tmp]# chattr -i redis2[root@VM-0-6-centos tmp]# chattr -e redis2[root@VM-0-6-centos tmp]# chattr -i redis2[root@VM-0-6-centos tmp]# rm -rf kdevtmpfsirm: cannot remove ‘kdevtmpfsi’: Operation not permitted[root@VM-0-6-centos tmp]# rm -rf redis2[root@VM-0-6-centos tmp]# chattr -i kdevtmpfsi[root@VM-0-6-centos tmp]# chattr -e kdevtmpfsi[root@VM-0-6-centos tmp]# rm -rf kdevtmpfis[root@VM-0-6-centos tmp]# rm -rf kdevtmpfsi[root@VM-0-6-centos tmp]# tUsage: t [-RVf] [-+=aAcCdDeijsStTu] [-v version] files...[root@VM-0-6-centos tmp]# top -Htop - 17:51:17 up 2 days, 2:51, 1 user, load average: 1.94, 1.86, 1.74Threads: 174 total, 9 running, 156 sleeping, 9 stopped, 0 zombie%Cpu(s): 90.8 us, 5.9 sy, 3.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 stKiB Mem : 1882192 total, 173264 free, 1081460 used, 627468 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 640852 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 20253 root20 0 712076 1620 872 R 44.5 0.1 8:24.16 kdevtmpfsi4537621998 nobody 30 10 152072 27184 416 R 4.0 1.4 0:20.15 networkservice21941 nobody 30 10 152072 27184 416 S 2.7 1.4 0:13.45 networkservice21973 nobody 30 10 152072 27184 416 R 2.3 1.4 0:18.18 networkservice21970 nobody 30 10 152072 27184 416 R 0.7 1.4 0:05.01 networkservice1330 root20 0 142504 2932 1144 R 0.3 0.2 2:01.95 redis-server 1 root20 0 43448 3468 2180 S 0.0 0.2 0:04.52 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.37 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 R 0.0 0.0 0:40.00 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.41 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.48 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:00.97 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh [9]+ Stopped top -H[root@VM-0-6-centos tmp]# kill -9 20253[root@VM-0-6-centos tmp]# kill -9 21998[root@VM-0-6-centos tmp]# kill -9 21941-bash: kill: (21941) - No such process[root@VM-0-6-centos tmp]# top -Htop - 17:52:15 up 2 days, 2:51, 1 user, load average: 1.42, 1.47, 1.62Threads: 167 total, 4 running, 153 sleeping, 10 stopped, 0 zombie%Cpu(s): 53.6 us, 46.0 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 stKiB Mem : 1882192 total, 182388 free, 1079800 used, 620004 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 645476 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 22453 nobody 20 0 142820 25532 416 S 26.7 1.4 0:03.70 networkservice22457 nobody 20 0 142820 25532 416 S 21.7 1.4 0:03.37 networkservice22455 nobody 20 0 142820 25532 416 R 13.7 1.4 0:03.62 networkservice22454 nobody 20 0 142820 25532 416 R 3.3 1.4 0:00.54 networkservice10545 mysql20 0 1357216 392484 964 S 0.3 20.9 0:23.23 mysqld 22441 root20 0 162064 2340 1596 R 0.3 0.1 0:00.07 top 1 root20 0 43448 3468 2180 S 0.0 0.2 0:04.52 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.38 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 R 0.0 0.0 0:40.01 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.41 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.48 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:00.97 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh [10]+ Stopped top -H[root@VM-0-6-centos tmp]# rm -rf apache[root@VM-0-6-centos tmp]# rm -rf nobody[root@VM-0-6-centos tmp]# rm -rf root[root@VM-0-6-centos tmp]# rm -rf www[root@VM-0-6-centos tmp]# top -Htop - 17:55:00 up 2 days, 2:54, 1 user, load average: 1.19, 1.95, 1.40Threads: 168 total, 6 running, 151 sleeping, 11 stopped, 0 zombie%Cpu(s): 54.0 us, 45.7 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 stKiB Mem : 1882192 total, 176708 free, 1085112 used, 620372 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 640156 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 22457 nobody 20 0 147304 29688 416 R 23.3 1.6 0:29.61 networkservice22455 nobody 20 0 147304 29688 416 R 20.9 1.6 0:24.63 networkservice22453 nobody 20 0 147304 29688 416 S 9.6 1.6 0:34.28 networkservice22460 nobody 20 0 147304 29688 416 S 7.3 1.6 0:23.46 networkservice22454 nobody 20 0 147304 29688 416 R 3.3 1.6 0:05.75 networkservice10545 mysql20 0 1357216 392484 964 R 0.3 20.9 0:23.39 mysqld 1 root20 0 43448 3468 2180 S 0.0 0.2 0:04.52 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.39 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 R 0.0 0.0 0:40.04 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.41 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.48 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:00.97 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh [11]+ Stopped top -H[root@VM-0-6-centos tmp]# kill -9 22457[root@VM-0-6-centos tmp]# top -Htop - 18:15:01 up 2 days, 3:14, 1 user, load average: 1.00, 1.31, 1.96Threads: 172 total, 8 running, 152 sleeping, 12 stopped, 0 zombie%Cpu(s): 82.7 us, 12.3 sy, 5.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 stKiB Mem : 1882192 total, 160040 free, 1086196 used, 635956 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 637032 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 24330 nobody 30 10 152328 27344 416 R 6.0 1.5 0:17.35 networkservice24327 nobody 30 10 152328 27344 416 S 5.0 1.5 0:02.01 networkservice24331 nobody 30 10 152328 27344 416 S 3.7 1.5 0:15.05 networkservice24295 nobody 30 10 152328 27344 416 S 1.0 1.5 0:21.60 networkservice24324 nobody 30 10 152328 27344 416 R 1.0 1.5 0:04.04 networkservice572 root20 0 26384 1608 1308 S 0.3 0.1 0:00.34 systemd-logind1462 root20 0 574204 12624 1296 S 0.3 0.7 0:13.47 tuned10550 mysql20 0 1357216 392504 984 S 0.3 20.9 0:02.38 mysqld 22497 root20 0 162064 2352 1608 R 0.3 0.1 0:02.25 top 1 root20 0 43448 3468 2180 S 0.0 0.2 0:04.54 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.46 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 R 0.0 0.0 0:40.31 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.41 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.49 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf [12]+ Stopped top -H[root@VM-0-6-centos tmp]# find / -name networkservice/etc/networkservice[root@VM-0-6-centos tmp]# cd /etc[root@VM-0-6-centos etc]# lsattr networdservicelsattr: No such file or directory while trying to stat networdservice[root@VM-0-6-centos etc]# ^C[root@VM-0-6-centos etc]# lsattr networkservice----i--------e-- networkservice[root@VM-0-6-centos etc]# chattr -e networkservicechattr: Operation not supported while setting flags on networkservice[root@VM-0-6-centos etc]# chattr -i networkservice[root@VM-0-6-centos etc]# chattr -e networkservicechattr: Operation not supported while setting flags on networkservice[root@VM-0-6-centos etc]# rm -rf networkservice[root@VM-0-6-centos etc]# top -Htop - 18:18:46 up 2 days, 3:18, 1 user, load average: 1.85, 1.47, 1.10Threads: 171 total, 4 running, 154 sleeping, 13 stopped, 0 zombie%Cpu(s): 81.2 us, 12.5 sy, 6.2 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 stKiB Mem : 1882192 total, 131436 free, 1084944 used, 665812 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 623524 avail Mem Unknown command - try 'h' for help PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 24327 nobody 30 10 152328 27344 416 S 6.2 1.5 0:13.83 networkservice24331 nobody 30 10 152328 27344 416 R 6.2 1.5 0:22.59 networkservice24573 root20 0 162064 2200 1544 R 6.2 0.1 0:00.01 top 1 root20 0 43448 3468 2180 S 0.0 0.2 0:04.54 systemd 2 root20 0 000 S 0.0 0.0 0:00.00 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:07.47 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 R 0.0 0.0 0:40.38 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.03 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:27.41 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.49 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:00.98 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh 241 root 0 -20 000 S 0.0 0.0 0:03.84 kworker/0:1H 246 root 0 -20 000 S 0.0 0.0 0:00.03 ata_sff 250 root20 0 000 S 0.0 0.0 0:00.00 scsi_eh_0 [13]+ Stopped top -H[root@VM-0-6-centos etc]# KILL -9 24327-bash: KILL: command not found[root@VM-0-6-centos etc]# kill -9 24327[root@VM-0-6-centos etc]# kill -9 24331-bash: kill: (24331) - No such process

晚上23:00时许，再次发现挖矿病毒，不找到后门，这东西解决不掉，记录一下晚上23:10分的操作日志，解决挖矿病毒

Xshell 6 (Build 0204)Copyright (c) 2002 NetSarang Computer, Inc. All rights reserved.Type `help' to learn how to use Xshell prompt.[F:\~]$ [root@VM-0-6-centos ~]# cd /tmp[root@VM-0-6-centos tmp]# lltotal 8-rwxr-xr-x 1 nobody nobody 2 Dec 16 22:00 kdevtmpfsi-rw-r--r-- 1 nobody nobody 2 Dec 16 22:00 redis2[root@VM-0-6-centos tmp]# lsattr kdevtmpfsi----i--------e-- kdevtmpfsi[root@VM-0-6-centos tmp]# chattr -i kdevtmpfsi[root@VM-0-6-centos tmp]# chattr -e kdevtmpfsi[root@VM-0-6-centos tmp]# rm -rf kdevtmpfsi[root@VM-0-6-centos tmp]# chattr -e redis2[root@VM-0-6-centos tmp]# chattr -i redis2[root@VM-0-6-centos tmp]# rm -rf redis2[root@VM-0-6-centos tmp]# top -Htop - 23:12:12 up 2 days, 8:11, 1 user, load average: 1.72, 1.82, 1.78Threads: 172 total, 6 running, 164 sleeping, 0 stopped, 2 zombie%Cpu(s):100.0 us, 0.0 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 stKiB Mem : 1882192 total, 100428 free, 1333404 used, 448360 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 398608 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 9709 root20 0 811488 5316 944 R 19.9 0.3 13:57.05 svcupdate 9723 nobody 20 0 807276 273160 944 R 19.9 14.5 13:38.50 sysupdate 9710 root20 0 811488 5316 944 R 19.5 0.3 13:57.05 svcupdate 9722 nobody 20 0 807276 273160 944 R 19.5 14.5 13:38.48 sysupdate 9 root20 0 000 S 0.3 0.0 0:43.49 rcu_sched 1 root20 0 43448 3328 2040 S 0.0 0.2 0:05.27 systemd 2 root20 0 000 S 0.0 0.0 0:00.01 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:09.00 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.04 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:28.65 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.66 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:01.07 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh 241 root 0 -20 000 S 0.0 0.0 0:04.03 kworker/0:1H 246 root 0 -20 000 S 0.0 0.0 0:00.03 ata_sff [1]+ Stopped top -H[root@VM-0-6-centos tmp]# ps -ef|grep sysupdatenobody 80221 38 22:01 ? 00:27:22 /etc/sysupdateroot16426 16297 0 23:12 pts/0 00:00:00 grep --color=auto sysupdate[root@VM-0-6-centos tmp]# cd /etc[root@VM-0-6-centos etc]# lltotal 5216drwxr-xr-x. 3 root root4096 Nov 5 abrtdrwxr-xr-x. 4 root root4096 Mar 7 acpi-rw-r--r--. 1 root root 16 Mar 7 adjtime-rw-r--r--. 1 root root1518 Jun 7 aliases-rw-r--r-- 1 root root12288 Mar 7 aliases.dbdrwxr-xr-x. 2 root root4096 Sep 28 13:19 alternatives-rw------- 1 root root 541 Aug 9 anacrontab-rw-r--r-- 1 root root 55 Aug 8 asound.conf-rw-r--r--. 1 root root 1 Oct 31 at.denydrwxr-x---. 3 root root4096 Nov 5 audispdrwxr-x---. 3 root root4096 Nov 5 audit-rw-r--r-- 1 root root 92 Dec 16 22:43 backup.dbdrwxr-xr-x. 2 root root4096 Aug 7 15:57 bash_completion.d-rw-r--r-- 1 root root3097 Sep 28 12:48 bashrcdrwxr-xr-x. 2 root root4096 Jun 30 23:11 binfmt.d-rw-r--r--. 1 root root 38 Nov 23 centos-release-rw-r--r--. 1 root root 51 Nov 23 centos-release-upstreamdrwxr-xr-x. 2 root root4096 Aug 4 chkconfig.d-rw-r--r-- 1 root root1108 Aug 8 chrony.conf-rw-r----- 1 root chrony481 Aug 8 chrony.keysdrwxr-xr-x. 2 root root4096 Apr 20 cifs-utilsdrwxr-xr-x 4 root root4096 Sep 28 12:47 cloud-rwxrwxrwx 1 root root2898 Nov 26 10:19 config.jsondrwxr-xr-x. 2 root root4096 Nov 21 19:25 cron.ddrwxr-xr-x. 2 root root4096 Mar 7 cron.daily-rw------- 1 root root 0 Aug 9 cron.denydrwxr-xr-x. 2 root root4096 Nov 21 19:25 cron.hourlydrwxr-xr-x. 2 root root4096 Jun 10 cron.monthly-rw-r--r-- 1 root root 459 Dec 16 20:59 crontabdrwxr-xr-x. 2 root root4096 Jun 10 cron.weekly-rw-------. 1 root root 0 Mar 7 crypttab-rw-r--r--. 1 root root1620 Oct 31 csh.cshrc-rw-r--r--. 1 root root 866 Oct 31 csh.logindrwxr-xr-x. 4 root root4096 Aug 7 16:00 dbus-1drwxr-xr-x. 2 root root4096 Apr 22 defaultdrwxr-xr-x. 2 root root4096 Aug 5 16:17 depmod.ddrwxr-x---. 4 root root4096 Aug 9 dhcp-rw-r--r-- 1 root root5090 Aug 6 DIR_COLORS-rw-r--r-- 1 root root5725 Aug 6 DIR_COLORS.256color-rw-r--r-- 1 root root4669 Aug 6 DIR_COLORS.lightbgcolor-rw-r--r-- 1 root root1363 Nov 6 dracut.confdrwxr-xr-x. 2 root root4096 Aug 5 16:17 dracut.conf.d-rw-r--r-- 1 root root 112 Sep 30 21:21 e2fsck.confdrwxr-xr-x 3 root root4096 Sep 28 13:18 egl-rw-r--r--. 1 root root 0 Oct 31 environment-rw-r--r--. 1 root root1317 Apr 11 ethertypes-rw-r--r--. 1 root root 0 Jun 7 exportslrwxrwxrwx. 1 root root 56 Mar 7 favicon.png -> /usr/share/icons/hicolor/16x16/apps/fedora-logo-icon.png-rw-r--r--. 1 root root 70 Oct 31 filesystemsdrwxr-x---. 7 root root4096 Apr 20 firewallddrwxr-xr-x 3 root root4096 Sep 28 13:18 fonts-rw-r--r-- 1 root root 313 Sep 28 12:47 fstabdrwxr-xr-x 7 root root4096 Sep 28 13:18 gconfdrwxr-xr-x. 2 root root4096 Aug 2 gcrypt-rw-r--r-- 1 root root 265 Aug 6 gdbinitdrwxr-xr-x. 2 root root4096 Aug 6 gdbinit.d-rw-r--r-- 1 root root1704 Aug 13 GeoIP.confdrwxr-xr-x 3 root root4096 Sep 28 13:18 glvnddrwxr-xr-x. 2 root root4096 Jul 13 gnupg-rw-r--r--. 1 root root 94 Mar 25 GREP_COLORSdrwxr-xr-x. 4 root root4096 Mar 7 groff-rw-r--r-- 1 root root 602 Sep 28 16:51 group-rw-r--r--. 1 root root 590 Nov 5 group-lrwxrwxrwx 1 root root 22 Aug 7 15:56 grub2.cfg -> ../boot/grub2/grub.cfgdrwx------. 2 root root4096 Aug 7 15:56 grub.d---------- 1 root root 481 Sep 28 16:51 gshadow----------. 1 root root 471 Nov 5 gshadow-drwxr-xr-x. 3 root root4096 Apr 1 gss-rw-r--r--. 1 root root 9 Jun 7 host.conf-rw-r--r-- 1 root root 14 Sep 28 12:47 hostname-rw-r--r-- 1 root root4684 Nov 8 22:17 hosts-rw-r--r--. 1 root root 370 Jun 7 hosts.allow-rw-r----- 1 root root 46 Nov 8 22:17 hostsd-rw-r--r--. 1 root root 460 Jun 7 hosts.deny-rw-r--r-- 1 root root 7 Aug 5 15:28 img_versiondrwxr-xr-x 2 root root4096 Aug 5 16:11 infinibanddrwxr-xr-x 2 root root4096 Aug 5 16:08 infiniband-diagslrwxrwxrwx. 1 root root 11 Mar 7 init.d -> rc.d/init.d-rw-r--r-- 1 root root 511 Aug 9 inittab-rw-r--r--. 1 root root 942 Jun 7 inputrcdrwxr-xr-x. 2 root root4096 Apr 20 iproute2drwxr-xr-x 2 root root4096 Nov 6 iscsi-rw-r--r--. 1 root root 23 Nov 23 issue-rw-r--r--. 1 root root 22 Nov 23 drwxr-xr-x 3 root root4096 Sep 28 13:18 javadrwxr-xr-x 2 root root4096 Nov 21 jvmdrwxr-xr-x 2 root root4096 Nov 21 jvm-commmon-rw-r--r-- 1 root root7274 Nov 5 kdump.confdrwxr-xr-x. 3 root root4096 Mar 7 kernel-rw-r--r-- 1 root root 646 Mar 31 krb5.confdrwxr-xr-x. 2 root root4096 Apr 1 krb5.conf.d-rw-r--r-- 1 root root36012 Dec 16 17:47 ld.so.cache-rw-r--r-- 1 root root 28 Feb 28 ld.so.confdrwxr-xr-x. 2 root root4096 Nov 21 19:25 ld.so.conf.d-rw-r----- 1 root root 191 Mar 2 libaudit.confdrwxr-xr-x 2 root root4096 Aug 5 16:11 libibverbs.ddrwxr-xr-x. 2 root root4096 Mar 7 libnldrwxr-xr-x. 6 root root4096 Nov 5 libreport-rw-r--r--. 1 root root2388 Mar 7 libuser.conf-rw-r--r-- 1 root root 16 Sep 28 12:48 locale.conflrwxrwxrwx. 1 root root 35 Mar 7 localtime -> ../usr/share/zoneinfo/Asia/Shanghai-rw-r--r-- 1 root root2046 Aug 5 15:28 login.defs-rw-r--r-- 1 root root2027 Aug 6 login.defs.rpmnew-rw-r--r--. 1 root root 662 Jul 31 logrotate.confdrwxr-xr-x. 4 root root4096 Sep 28 16:51 logrotate.ddrwxr-xr-x. 3 root root4096 Nov 5 lsmdrwxr-xr-x. 6 root root4096 Nov 5 lvm-r--r--r--. 1 root root 33 Sep 28 12:47 machine-id-rw-r--r-- 1 root root 30 Sep 28 12:47 machine-info-rw-r--r-- 1 root root 111 Apr 1 magic-rw-r--r--. 1 root root1968 Apr 11 mail.rc-rw-r--r-- 1 root root5122 Aug 8 makedumpfile.conf.sample-rw-r--r--. 1 root root5171 Oct 31 man_db.confdrwxr-xr-x 2 root root4096 Nov 21 maven-rw-r--r-- 1 root root1106 Sep 30 23:58 mke2fs.confdrwxr-xr-x. 2 root root4096 Sep 28 12:47 modprobe.ddrwxr-xr-x. 2 root root4096 Jun 30 23:11 modules-load.d-rw-r--r--. 1 root root 0 Jun 7 motdlrwxrwxrwx. 1 root root 17 Mar 7 mtab -> /proc/self/mounts-rw-r--r-- 1 root root1243 Jun 17 fdrwxr-xr-x 2 root root4096 Jun 17 f.d-rw-r--r--. 1 root root8892 Jun 10 nanorc-rw-r--r-- 1 root root 767 Aug 9 netconfigdrwxr-xr-x. 7 root root4096 Apr 20 NetworkManager-rw-r--r-- 1 root root 58 Aug 9 networks-rwxrwxrwx 1 root root33809 Nov 26 10:19 newsvc.sh-rw-r--r--. 1 root root1746 Mar 7 nsswitch.conf-rw-r--r--. 1 root root1735 Oct 30 nsswitch.conf.bak-rw-r--r-- 1 root root1938 Aug 7 nsswitch.conf.rpmnewdrwxr-xr-x. 3 root root4096 Aug 7 16:01 ntp-rw-r--r-- 1 root root2241 Sep 28 12:47 ntp.confdrwxr-xr-x. 3 root root4096 Jan 30 openldapdrwxr-xr-x. 2 root root4096 Apr 11 opt-rw-r--r--. 1 root root 393 Nov 23 os-releasedrwxr-xr-x. 2 root root4096 Aug 5 15:32 pam.d-rw-r--r-- 1 root root1194 Sep 28 16:51 passwd-rw-r--r--. 1 root root1141 Nov 5 passwd-drwxr-xr-x. 3 root root4096 Mar 7 pkcs11drwxr-xr-x. 10 root root4096 Mar 7 pkidrwxr-xr-x. 2 root root4096 Nov 5 plymouthdrwxr-xr-x. 5 root root4096 Mar 7 pmdrwxr-xr-x. 5 root root4096 Sep 14 polkit-1drwxr-xr-x. 2 root root4096 Jun 10 popt.ddrwxr-xr-x. 2 root root4096 Mar 7 postfixdrwxr-xr-x. 3 root root4096 Nov 5 pppdrwxr-xr-x. 2 root root4096 Aug 7 15:56 prelink.conf.d-rw-r--r--. 1 root root 233 Jun 7 printcap-rw-r--r-- 1 root root1805 Aug 5 15:28 profiledrwxr-xr-x. 2 root root4096 Nov 5 profile.d-rw-r--r--. 1 root root6545 Oct 31 protocolsdrwxr-xr-x. 2 root root4096 Aug 5 15:32 python-rw-r--r-- 1 root root 6 Sep 28 12:47 qcloudzonedrwxr-xr-x. 3 root root4096 Nov 5 qemu-galrwxrwxrwx 1 root root 10 Nov 5 rc0.d -> rc.d/rc0.dlrwxrwxrwx 1 root root 10 Nov 5 rc1.d -> rc.d/rc1.dlrwxrwxrwx 1 root root 10 Nov 5 rc2.d -> rc.d/rc2.dlrwxrwxrwx 1 root root 10 Nov 5 rc3.d -> rc.d/rc3.dlrwxrwxrwx 1 root root 10 Nov 5 rc4.d -> rc.d/rc4.dlrwxrwxrwx 1 root root 10 Nov 5 rc5.d -> rc.d/rc5.dlrwxrwxrwx 1 root root 10 Nov 5 rc6.d -> rc.d/rc6.ddrwxr-xr-x. 10 root root4096 Oct 19 18:16 rc.dlrwxrwxrwx 1 root root 18 Aug 6 16:03 rc.local -> /etc/rc.d/rc.localdrwxr-xr-x 2 root root4096 Aug 5 16:11 rdmalrwxrwxrwx. 1 root root 14 Mar 7 redhat-release -> centos-releasedrwxr-xr-x 2 root root4096 Nov 10 14:10 redis-rw-r--r-- 1 root root 89 Dec 14 15:00 resolv.conf-rw-r--r-- 1 root root1634 Dec 25 rpcdrwxr-xr-x. 2 root root4096 Sep 28 13:18 rpm-rw-r--r-- 1 root root 458 Apr 26 rsyncd.conf-rw-r--r-- 1 root root3232 Nov 28 rsyslog.confdrwxr-xr-x. 2 root root4096 Jun 23 23:40 rsyslog.d-rw-r--r-- 1 root root 966 Aug 9 rwtabdrwxr-xr-x. 2 root root4096 Aug 9 rwtab.ddrwxr-xr-x. 2 root root4096 Mar 7 sasl2drwxr-xr-x. 3 root root4096 Mar 7 scl-rw-------. 1 root root 255 Aug 5 15:28 securettydrwxr-xr-x. 6 root root4096 Mar 7 securitydrwxr-xr-x. 5 root root4096 Aug 5 15:28 selinux-rw-r--r--. 1 root root 670293 Jun 7 services-rw-r--r-- 1 root root 216 Aug 9 sestatus.confdrwxr-xr-x. 2 root root4096 Mar 7 setuptool.d---------- 1 root root 679 Sep 28 16:51 shadow----------. 1 root root 658 Sep 28 12:47 shadow--rw-r--r--. 1 root root 63 Mar 7 shellsdrwxr-xr-x. 2 root root4096 Aug 7 15:54 skel-rw-r--r-- 1 root root 138 Mar 18 sos.confdrwxr-xr-x. 2 root root4096 Nov 21 19:25 sshdrwxr-xr-x. 2 root root4096 Apr 20 ssl-rw-r--r-- 1 root root 212 Aug 9 statetabdrwxr-xr-x. 2 root root4096 Aug 9 statetab.d-rw-r--r--. 1 root root 0 Oct 31 subgid-rw-r--r--. 1 root root 0 Oct 31 subuid-rw-r----- 1 root root1786 Nov 28 sudo.conf-r--r----- 1 root root4328 Nov 28 sudoersdrwxr-x---. 2 root root4096 Sep 28 12:47 sudoers.d-rw-r----- 1 root root3181 Nov 28 sudo-ldap.conf-rwxrwxrwx 1 root root 0 Nov 11 17:45 svcguard-rwxrwxrwx 1 root root 1102480 Sep 1 12:48 svcupdate-rwxrwxrwx 1 root root 0 Nov 11 17:45 svcworkmanagerdrwxr-xr-x. 6 root root4096 Sep 28 12:48 sysconfig-rw-r--r-- 1 root root2059 Dec 16 22:00 sysctl.confdrwxr-xr-x. 2 root root4096 Jun 30 23:11 sysctl.d-rwxrwxrwx 1 root root 1472144 Dec 8 23:03 sysguarddrwxr-xr-x. 4 root root4096 Aug 5 15:32 systemdlrwxrwxrwx. 1 root root 14 Mar 7 system-release -> centos-release-rw-r--r--. 1 root root 23 Nov 23 system-release-cpe-rwxrwxrwx 1 root root 1102480 Oct 20 08:35 sysupdate-rw-r--r-- 1 root root 9 Oct 20 09:00 sysupdatesdrwxr-xr-x. 2 root root4096 Sep 7 terminfodrwxr-xr-x. 2 root root4096 Jun 30 23:11 tmpfiles.d-rw-r--r-- 1 root root 750 Jun 1 trusted-key.keydrwxr-xr-x. 3 root root4096 Nov 5 tuneddrwxr-xr-x. 3 root root4096 Aug 5 15:32 udev-rw-r--r--. 1 root root 557 Apr 11 updatedb.conf-rwxrwxrwx 1 root root37659 Oct 20 09:00 update.sh-rw-r--r--. 1 root root1523 Apr 11 usb_modeswitch.conf-rw-rw-rw- 1 root root 43 Sep 28 12:47 uuid-rw-r--r--. 1 root root 37 Mar 7 vconsole.conf-rw-r--r-- 1 root root1982 Aug 9 vimrc-rw-r--r-- 1 root root1982 Aug 9 virc-rw-r--r-- 1 root root4479 May 16 wgetrcdrwxr-xr-x. 2 root root4096 Mar 7 wpa_supplicantdrwxr-xr-x. 5 root root4096 Mar 7 X11drwxr-xr-x. 4 root root4096 Mar 7 xdgdrwxr-xr-x. 2 root root4096 Apr 11 xinetd.ddrwxr-xr-x. 6 root root4096 Nov 5 yum-rw-r--r-- 1 root root 992 Aug 5 16:11 yum.confdrwxr-xr-x. 2 root root4096 Sep 28 16:42 yum.repos.d-rw-r--r-- 1 root root 459 Dec 16 22:42 zzh[root@VM-0-6-centos etc]# lsattr sycupdatelsattr: No such file or directory while trying to stat sycupdate[root@VM-0-6-centos etc]# lsattr svcupdate----i--------e-- svcupdate[root@VM-0-6-centos etc]# chattr -i svcupdate[root@VM-0-6-centos etc]# chattr -e svcupdatechattr: Operation not supported while setting flags on svcupdate[root@VM-0-6-centos etc]# lsattr svcupdate-------------e-- svcupdate[root@VM-0-6-centos etc]# rm -rf svcupdate[root@VM-0-6-centos etc]# lsattr sysupdate----i--------e-- sysupdate[root@VM-0-6-centos etc]# chattr -e sysupdatechattr: Operation not supported while setting flags on sysupdate[root@VM-0-6-centos etc]# chattr -i sysupdate[root@VM-0-6-centos etc]# chattr -e sysupdatechattr: Operation not supported while setting flags on sysupdate[root@VM-0-6-centos etc]# rm -rf sysupdate[root@VM-0-6-centos etc]# chattr -i svcworkmanager[root@VM-0-6-centos etc]# chattr -e svcworkmanager[root@VM-0-6-centos etc]# rm -rf svcworkmanager[root@VM-0-6-centos etc]# top -Htop - 23:17:38 up 2 days, 8:17, 1 user, load average: 1.32, 1.58, 1.69Threads: 170 total, 16 running, 151 sleeping, 1 stopped, 2 zombie%Cpu(s): 94.4 us, 5.6 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 stKiB Mem : 1882192 total, 98956 free, 1332036 used, 451200 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 399880 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 9710 root20 0 811492 5328 944 R 23.5 0.3 15:01.82 svcupdate 9709 root20 0 811492 5328 944 R 17.6 0.3 15:01.82 svcupdate 9722 nobody 20 0 807280 273168 944 R 17.6 14.5 14:43.26 sysupdate 9723 nobody 20 0 807280 273168 944 R 17.6 14.5 14:43.25 sysupdate 16552 root20 0 162064 2216 1544 R 5.9 0.1 0:00.01 top 1 root20 0 43448 3328 2040 S 0.0 0.2 0:05.27 systemd 2 root20 0 000 S 0.0 0.0 0:00.01 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:09.00 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 R 0.0 0.0 0:43.52 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.04 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:28.65 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.66 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:01.07 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh 241 root 0 -20 000 S 0.0 0.0 0:04.03 kworker/0:1H [2]+ Stopped top -H[root@VM-0-6-centos etc]# kill -9 9710[root@VM-0-6-centos etc]# kill -9 9709-bash: kill: (9709) - No such process[root@VM-0-6-centos etc]# top -Htop - 23:18:04 up 2 days, 8:17, 1 user, load average: 1.90, 1.46, 1.65Threads: 161 total, 4 running, 155 sleeping, 2 stopped, 0 zombie%Cpu(s): 99.3 us, 0.7 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 stKiB Mem : 1882192 total, 104040 free, 1326924 used, 451228 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 405036 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 9722 nobody 20 0 807280 273168 944 R 38.5 14.5 14:50.08 sysupdate 9723 nobody 20 0 807280 273168 944 R 29.9 14.5 14:49.82 sysupdate 1330 root20 0 142504 2956 1144 S 0.3 0.2 2:14.71 redis-server 10545 mysql20 0 1357216 3917240 S 0.3 20.8 0:45.94 mysqld 10549 mysql20 0 1357216 3917240 S 0.3 20.8 0:03.33 mysqld 1 root20 0 43448 3328 2040 S 0.0 0.2 0:05.27 systemd 2 root20 0 000 S 0.0 0.0 0:00.01 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:09.00 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 S 0.0 0.0 0:43.52 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.04 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:28.65 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.66 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:01.07 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh 241 root 0 -20 000 S 0.0 0.0 0:04.03 kworker/0:1H [3]+ Stopped top -H[root@VM-0-6-centos etc]# kill -9 9722[root@VM-0-6-centos etc]# kill -9 9723-bash: kill: (9723) - No such process[root@VM-0-6-centos etc]# top -Htop - 23:18:44 up 2 days, 8:18, 1 user, load average: 1.73, 1.12, 1.52Threads: 153 total, 1 running, 149 sleeping, 3 stopped, 0 zombie%Cpu(s): 99.7 us, 0.3 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 stKiB Mem : 1882192 total, 376920 free, 1053884 used, 451388 buff/cacheKiB Swap: 0 total, 0 free, 0 used. 678092 avail Mem PID USERPR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 16581 root20 0 162064 2344 1608 R 0.3 0.1 0:00.04 top 1 root20 0 43448 3328 2040 S 0.0 0.2 0:05.27 systemd 2 root20 0 000 S 0.0 0.0 0:00.01 kthreadd 4 root 0 -20 000 S 0.0 0.0 0:00.00 kworker/0:0H 6 root20 0 000 S 0.0 0.0 0:09.00 ksoftirqd/0 7 rootrt 0 000 S 0.0 0.0 0:00.00 migration/0 8 root20 0 000 S 0.0 0.0 0:00.00 rcu_bh 9 root20 0 000 S 0.0 0.0 0:43.53 rcu_sched 10 root 0 -20 000 S 0.0 0.0 0:00.00 lru-add-drain 13 root20 0 000 S 0.0 0.0 0:00.00 kdevtmpfs 14 root 0 -20 000 S 0.0 0.0 0:00.00 netns15 root20 0 000 S 0.0 0.0 0:00.04 khungtaskd16 root 0 -20 000 S 0.0 0.0 0:00.00 writeback 17 root 0 -20 000 S 0.0 0.0 0:00.00 kintegrityd 18 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 19 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 20 root 0 -20 000 S 0.0 0.0 0:00.00 bioset 21 root 0 -20 000 S 0.0 0.0 0:00.00 kblockd 22 root 0 -20 000 S 0.0 0.0 0:00.00 md 23 root 0 -20 000 S 0.0 0.0 0:00.00 edac-poller 24 root 0 -20 000 S 0.0 0.0 0:00.00 watchdogd 30 root20 0 000 S 0.0 0.0 0:28.65 kswapd0 31 root25 5 000 S 0.0 0.0 0:00.00 ksmd32 root39 19 000 S 0.0 0.0 0:00.66 khugepaged33 root 0 -20 000 S 0.0 0.0 0:00.00 crypto 41 root 0 -20 000 S 0.0 0.0 0:00.00 kthrotld 43 root 0 -20 000 S 0.0 0.0 0:00.00 kmpath_rdacd 44 root 0 -20 000 S 0.0 0.0 0:00.00 kaluad 45 root 0 -20 000 S 0.0 0.0 0:00.00 kpsmoused 46 root 0 -20 000 S 0.0 0.0 0:00.00 ipv6_addrconf 59 root 0 -20 000 S 0.0 0.0 0:00.00 deferwq 101 root20 0 000 S 0.0 0.0 0:01.07 kauditd 194 root 0 -20 000 S 0.0 0.0 0:00.00 iscsi_eh 241 root 0 -20 000 S 0.0 0.0 0:04.03 kworker/0:1H 246 root 0 -20 000 S 0.0 0.0 0:00.03 ata_sff 250 root20 0 000 S 0.0 0.0 0:00.00 scsi_eh_0 251 root 0 -20 000 S 0.0 0.0 0:00.00 scsi_tmf_0253 root20 0 000 S 0.0 0.0 0:00.00 scsi_eh_1 [4]+ Stopped top -H[root@VM-0-6-centos etc]# redis-bash: redis: command not found[root@VM-0-6-centos etc]#