Something of interest in my Logwatch log...

Discussion in 'General Discussion' started by ryan.overton, Mar 6, 2006.

  1. ryan.overton

    ryan.overton Active Member

    Mar 3, 2006
    Does this look suspicious to anyone else but me?

    This wouldn't be cPanel related, would it?

    Never seen this before, and no one on our side has done any of this. Didn't know if it was automated or not.

    **Unmatched Entries**
    snoopy[9428]: [(null), uid:0 sid:9001]: /etc/cron.daily/makewhatis.cron
    snoopy[9429]: [(null), uid:0 sid:9001]: awk -v progname=/etc/cron.daily/makewh
    snoopy[9430]: [(null), uid:0 sid:9001]: touch /var/lock/makewhatis.lock 
    snoopy[9431]: [(null), uid:0 sid:9001]: makewhatis -u -w 
    snoopy[9432]: [(null), uid:0 sid:9001]: basename /usr/sbin/makewhatis 
    snoopy[9433]: [(null), uid:0 sid:9001]: mktemp -d /tmp/makewhatisXXXXXX 
    snoopy[9434]: [(null), uid:0 sid:9001]: chmod 0700 /tmp/makewhatismYlzpZ 
    snoopy[9435]: [(null), uid:0 sid:9001]: man --path 
    snoopy[9438]: [(null), uid:0 sid:9001]: tr :   
    snoopy[9441]: [(null), uid:0 sid:9001]: tr :   
    snoopy[9443]: [(null), uid:0 sid:9001]: find . -name * -newer /var/cache/man/whatis -print 
    snoopy[9444]: [(null), uid:0 sid:9001]: /usr/bin/awk   	    function readline() { 	 
    snoopy[9445]: [(null), uid:0 sid:9001]: find . -name * -newer /var/cache/man/whatis -print 
    snoopy[9446]: [(null), uid:0 sid:9001]: /usr/bin/awk   	    function readline() { 	 
    snoopy[9447]: [(null), uid:0 sid:9001]: find . -name * -newer /var/cache/man/whatis -print 
    snoopy[9448]: [(null), uid:0 sid:9001]: /usr/bin/awk   	    function readline() { 	 
    snoopy[9450]: [(null), uid:0 sid:9001]: /usr/bin/awk   	    function readline() { 	 
    snoopy[9449]: [(null), uid:0 sid:9001]: find . -name * -newer /var/cache/man/whatis -print 
    snoopy[9451]: [(null), uid:0 sid:9001]: find . -name * -newer /var/cache/man/whatis -print 
    snoopy[9452]: [(null), uid:0 sid:9001]: /usr/bin/awk   	    function readline() { 	 
    snoopy[9453]: [(null), uid:0 sid:9001]: find . -name * -newer /var/cache/man/whatis -print 
    snoopy[9454]: [(null), uid:0 sid:9001]: /usr/bin/awk   	    function readline() { 	 
    snoopy[9455]: [(null), uid:0 sid:9001]: find . -name * -newer /var/cache/man/whatis -print 
    snoopy[9456]: [(null), uid:0 sid:9001]: /usr/bin/awk   	    function readline() { 	 
    snoopy[9457]: [(null), uid:0 sid:9001]: find . -name * -newer /var/cache/man/whatis -print 
    snoopy[9458]: [(null), uid:0 sid:9001]: /usr/bin/awk   	    function readline() { 	 
    snoopy[9459]: [(null), uid:0 sid:9001]: find . -name * -newer /var/cache/man/whatis -print 
    snoopy[9460]: [(null), uid:0 sid:9001]: /usr/bin/awk   	    function readline() { 	 
    snoopy[9461]: [(null), uid:0 sid:9001]: find . -name * -newer /var/cache/man/whatis -print 
    snoopy[9462]: [(null), uid:0 sid:9001]: /usr/bin/awk   	    function readline() { 	 
    snoopy[9463]: [(null), uid:0 sid:9001]: cat /var/cache/man/whatis 
    snoopy[9464]: [(null), uid:0 sid:9001]: sed /^$/d 
    snoopy[9465]: [(null), uid:0 sid:9001]: sort 
    snoopy[9466]: [(null), uid:0 sid:9001]: uniq 
    snoopy[9467]: [(null), uid:0 sid:9001]: chmod 644 /var/cache/man/whatis 
    snoopy[9468]: [(null), uid:0 sid:9001]: rm /tmp/makewhatismYlzpZ/w 
    #1 ryan.overton, Mar 6, 2006
    Last edited: Mar 6, 2006
  2. ryan.overton

    ryan.overton Active Member

    Mar 3, 2006
    snoopy[11781]: [(null), uid:0 sid:10734]: zcat ./pnmtorast.1.gz 
    snoopy[11782]: [(null), uid:0 sid:10734]: zcat ./pnmtorle.1.gz 
    snoopy[11783]: [(null), uid:0 sid:10734]: zcat ./pnmtosgi.1.gz 
    snoopy[11784]: [(null), uid:0 sid:10734]: zcat ./pnmtosir.1.gz 
    snoopy[11785]: [(null), uid:0 sid:10734]: zcat ./pnmtotiff.1.gz 
    snoopy[11786]: [(null), uid:0 sid:10734]: zcat ./pnmtotiffcmyk.1.gz 
    snoopy[11787]: [(null), uid:0 sid:10734]: zcat ./pnmtoxwd.1.gz 
    snoopy[11788]: [(null), uid:0 sid:10734]: zcat ./ppm3d.1.gz 
    snoopy[11789]: [(null), uid:0 sid:10734]: zcat ./ppmbrighten.1.gz 
    snoopy[11790]: [(null), uid:0 sid:10734]: zcat ./ppmchange.1.gz 
    snoopy[11791]: [(null), uid:0 sid:10734]: zcat ./ppmcie.1.gz 
    snoopy[11792]: [(null), uid:0 sid:10734]: zcat ./ppmcolormask.1.gz 
    snoopy[11793]: [(null), uid:0 sid:10734]: zcat ./ppmcolors.1.gz 
  3. ryan.overton

    ryan.overton Active Member

    Mar 3, 2006
    snoopy[18397]: [(null), uid:0 sid:10734]: find . -name * -print 
    snoopy[18398]: [(null), uid:0 sid:10734]: /usr/bin/awk   	    function readline() { 	 
    snoopy[18399]: [(null), uid:0 sid:10734]: find . -name * -print 
    snoopy[18400]: [(null), uid:0 sid:10734]: /usr/bin/awk   	    function readline() { 	 
    snoopy[18401]: [(null), uid:0 sid:10734]: find . -name * -print 
    snoopy[18402]: [(null), uid:0 sid:10734]: /usr/bin/awk   	    function readline() { 	 
    snoopy[18403]: [(null), uid:0 sid:10734]: find . -name * -print 
    snoopy[18404]: [(null), uid:0 sid:10734]: /usr/bin/awk   	    function readline() { 	 
    snoopy[18405]: [(null), uid:0 sid:10734]: find . -name * -print 
    snoopy[18406]: [(null), uid:0 sid:10734]: /usr/bin/awk   	    function readline() { 	 
    snoopy[18407]: [(null), uid:0 sid:10734]: cat /var/cache/man/whatis 
    snoopy[18408]: [(null), uid:0 sid:10734]: sed /^$/d 
    snoopy[18409]: [(null), uid:0 sid:10734]: sort 
    snoopy[18410]: [(null), uid:0 sid:10734]: uniq 
    snoopy[18411]: [(null), uid:0 sid:10734]: chmod 644 /var/cache/man/whatis 
    snoopy[18412]: [(null), uid:0 sid:10734]: rm /tmp/makewhatisl74uKC/w 
    snoopy[18414]: [(null), uid:0 sid:10734]: cat /var/cache/man/whatis 
    snoopy[18415]: [(null), uid:0 sid:10734]: sed /^$/d 
    snoopy[18416]: [(null), uid:0 sid:10734]: sort 
    snoopy[18417]: [(null), uid:0 sid:10734]: uniq 
    snoopy[18418]: [(null), uid:0 sid:10734]: chmod 644 /var/cache/man/whatis 
    snoopy[18419]: [(null), uid:0 sid:10734]: rm /tmp/makewhatisl74uKC/w 
    snoopy[18421]: [(null), uid:0 sid:10734]: cat /var/cache/man/whatis 
    snoopy[18422]: [(null), uid:0 sid:10734]: sed /^$/d 
    snoopy[18423]: [(null), uid:0 sid:10734]: sort 
    snoopy[18424]: [(null), uid:0 sid:10734]: uniq 
    snoopy[18425]: [(null), uid:0 sid:10734]: chmod 644 /var/cache/man/whatis 
    snoopy[18426]: [(null), uid:0 sid:10734]: rm /tmp/makewhatisl74uKC/w 
    snoopy[18428]: [(null), uid:0 sid:10734]: cat /var/cache/man/whatis 
    snoopy[18429]: [(null), uid:0 sid:10734]: sed /^$/d 
    snoopy[18430]: [(null), uid:0 sid:10734]: sort 
    snoopy[18431]: [(null), uid:0 sid:10734]: uniq 
    snoopy[18432]: [(null), uid:0 sid:10734]: chmod 644 /var/cache/man/whatis 
    snoopy[18433]: [(null), uid:0 sid:10734]: rm /tmp/makewhatisl74uKC/w 
    snoopy[18435]: [(null), uid:0 sid:10734]: cat /var/cache/man/whatis 
    snoopy[18436]: [(null), uid:0 sid:10734]: sed /^$/d 
    snoopy[18437]: [(null), uid:0 sid:10734]: sort 
    snoopy[18438]: [(null), uid:0 sid:10734]: uniq 
    snoopy[18439]: [(null), uid:0 sid:10734]: chmod 644 /var/cache/man/whatis 
    snoopy[18440]: [(null), uid:0 sid:10734]: rm /tmp/makewhatisl74uKC/w 
    snoopy[18442]: [(null), uid:0 sid:10734]: cat /var/cache/man/whatis 
    snoopy[18443]: [(null), uid:0 sid:10734]: sed /^$/d 
    snoopy[18444]: [(null), uid:0 sid:10734]: sort 
    snoopy[18445]: [(null), uid:0 sid:10734]: uniq 
    snoopy[18446]: [(null), uid:0 sid:10734]: chmod 644 /var/cache/man/whatis 
    snoopy[18447]: [(null), uid:0 sid:10734]: rm /tmp/makewhatisl74uKC/w 
    snoopy[18448]: [(null), uid:0 sid:10734]: rm -rf /tmp/makewhatisl74uKC 
    snoopy[18449]: [(null), uid:0 sid:10734]: rm -rf /tmp/makewhatisl74uKC 
    snoopy[18450]: [(null), uid:0 sid:10734]: rm -f /var/lock/makewhatis.lock 
    snoopy[18524]: [(null), uid:0 sid:18523]: /usr/local/cpanel/bin/dcpumon 
    snoopy[18530]: [(null), uid:0 sid:18523]: /bin/csh -cf set nonomatch; glob /var/log/dc
    snoopy[18532]: [(null), uid:0 sid:18523]: /bin/csh -cf set nonomatch; glob /var/log/dc
    snoopy[18537]: [(null), uid:0 sid:18537]: imapd 
    snoopy[18562]: [(null), uid:47 sid:14842]: /usr/sbin/exim -Mc 1FFqQt-0004pJ-Op 
    snoopy[18570]: [(null), uid:0 sid:18570]: imapd 
    snoopy[18585]: [(null), uid:47 sid:14842]: /usr/sbin/exim -Mc 1FFqRI-0004pk-IL 
    snoopy[18598]: [(null), uid:47 sid:14842]: /usr/sbin/exim -Mc 1FFqRV-0004px-1h 
    snoopy[18615]: [(null), uid:0 sid:18615]: imapd 
    snoopy[18655]: [(null), uid:47 sid:14842]: /usr/sbin/exim -Mc 1FFqSM-0004qn-Kl 
    snoopy[18680]: [(null), uid:0 sid:18680]: imapd 
    snoopy[18693]: [(null), uid:47 sid:14842]: /usr/sbin/exim -Mc 1FFqTB-0004rT-N0 
    snoopy[18701]: [(null), uid:0 sid:18701]: imapd 
    snoopy[18759]: [(null), uid:47 sid:14842]: /usr/sbin/exim -Mc 1FFqUZ-0004sU-NR 
    snoopy[18767]: [(null), uid:0 sid:18767]: imapd 
    snoopy[18769]: [(null), uid:47 sid:14842]: /usr/sbin/exim -Mc 1FFqUh-0004sf-2n 
    snoopy[18784]: [(null), uid:0 sid:18783]: /usr/local/cpanel/bin/dcpumon 
    snoopy[18787]: [(null), uid:0 sid:18786]: /usr/local/cpanel/whostmgr/bin/
    snoopy[18793]: [(null), uid:0 sid:18783]: /bin/csh -cf set nonomatch; glob /var/log/dc
    snoopy[18795]: [(null), uid:0 sid:18783]: /bin/csh -cf set nonomatch; glob /var/log/dc
    snoopy[18810]: [(null), uid:47 sid:14842]: /usr/sbin/exim -Mc 1FFqVI-0004tK-3r 
    snoopy[18987]: [(null), uid:0 sid:18987]: imapd 
    snoopy[19010]: [(null), uid:47 sid:14842]: /usr/sbin/exim -Mc 1FFqXh-0004wY-Mc 
    snoopy[19030]: [(null), uid:47 sid:14842]: /usr/sbin/exim -Mc 1FFqYH-0004wu-37 
    snoopy[19044]: [(null), uid:47 sid:14842]: /usr/sbin/exim -q 
  4. chirpy

    chirpy Well-Known Member Verified Vendor

    Jun 15, 2002
    Go on, have a guess
    That's from whatis processing, probably in /etc/cron.weekly/makewhatis.cron which you probably never use (whatis) so isn't anything to worry about.
  5. ryan.overton

    ryan.overton Active Member

    Mar 3, 2006
    Hah.. yeah, I'm new here, so I don't have access to the logs prior, but they magically appear every Monday morning. Thanks!
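
One way to triage a Snoopy dump like the one in this thread, as an added example that is not part of the original posts: group the entries by uid and sid and look at the first command logged in each session. The `EXPECTED_PREFIXES` allowlist and the function names are assumptions chosen for illustration; the sample lines are copied from the posts above.

```python
import re

# Entry format as pasted in the thread:
#   snoopy[PID]: [(null), uid:N sid:N]: COMMAND
LINE_RE = re.compile(r"snoopy\[(\d+)\]: \[[^\]]*uid:(\d+) sid:(\d+)\]: (.*)")

# Hypothetical allowlist of session starters treated as routine on this host.
EXPECTED_PREFIXES = ("/etc/cron.", "/usr/local/cpanel/", "/usr/sbin/exim")

# Lines copied from the posts above (one short excerpt per session).
SAMPLE = """\
snoopy[9428]: [(null), uid:0 sid:9001]: /etc/cron.daily/makewhatis.cron
snoopy[9430]: [(null), uid:0 sid:9001]: touch /var/lock/makewhatis.lock
snoopy[9431]: [(null), uid:0 sid:9001]: makewhatis -u -w
snoopy[11781]: [(null), uid:0 sid:10734]: zcat ./pnmtorast.1.gz
snoopy[18450]: [(null), uid:0 sid:10734]: rm -f /var/lock/makewhatis.lock
snoopy[18524]: [(null), uid:0 sid:18523]: /usr/local/cpanel/bin/dcpumon
snoopy[19044]: [(null), uid:47 sid:14842]: /usr/sbin/exim -q
"""

def group_sessions(text):
    """Return {(uid, sid): [(pid, command), ...]} in log order."""
    sessions = {}
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a Snoopy entry
        pid, uid, sid = int(m[1]), int(m[2]), int(m[3])
        sessions.setdefault((uid, sid), []).append((pid, m[4].strip()))
    return sessions

def triage(text, expected=EXPECTED_PREFIXES):
    """Label each session by the first command seen for it in the excerpt."""
    report = []
    for (uid, sid), entries in group_sessions(text).items():
        first = entries[0][1]
        # "review" means the excerpt does not show a known starter; it is a
        # prompt to look at earlier log lines, not a verdict of compromise.
        verdict = "expected" if first.startswith(expected) else "review"
        report.append({"uid": uid, "sid": sid, "first": first,
                       "count": len(entries), "verdict": verdict})
    return report

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(row)
```

The sid:10734 session is labelled "review" only because the pasted excerpt begins partway through it; the entry that started that session is in an earlier part of the log.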

