OK everyone . . .

Well, well

While I was poking around on my server, I was checking the running processes and noticed that a program called 'wusage' was using up about 25 to 35 percent of available memory. Now that didn't seem right.

So I contacted tech support and asked them to kill that process for me. I just logged on about a half hour ago, and found that they had not done that and that blasted process was using up 64 percent of available memory by that time. Obviously this was a runaway program! I placed another trouble ticket with them to PLEASE KILL THAT PROCESS!!!

As soon as they did, the difference was dramatic. I was in telnet at the time, and I could tell something had changed. Speed increased tremendously.

So unless the world will end as we know it, I am going to ask them to NEVER run that process again on my server.

Looks like I probably will not have to purchase more memory for the server after all. I didn't even have to reboot it like I thought I was going to have to. Evidently that program has a severe memory leak that gets bigger the longer it runs.

Whew!!!

So does this mean we are one big happy family here to stay? Life would feel kind of empty if this site wasn't here. Learn something new everyday!

If Amazon do an affiliate scheme, you could link to books like the Corn Snake Manual - people would actually buy them ...

Dang it!

That errant process is running on my serverf again causing the slowness experienced yesterday. I'm trying to get the tech support people at my server host to fix the problem, but they seem to be dragging their feet on me. Man, that's all I will need is to have to switch server hosts right now.....

Rich,

You don't know what "wusage" is? Certainly does sound like a memory leak but could it be *gasp* a virus? And don't you have the power to telnet in and kill it yourself? If not, I'd be demanding to know exactly what this process is and what starts it. I know we had a problem (at work) with our hosting services once and it turned out to be a virus that they didn't know they had. Same type of deal, the strange memory eating process from nowhere. Just a thought. Keep us posted.

'wusage' is a web usage statistics program that many web sites run in the background. I think every domain I have set up has had this program run on it.

And no, I could not kill it myself. I had to log in as root, but evidently a cron job was respawning it every time I killed it. I no sooner killed the process then another one immediately started up. I probably could have figured out where it's jugglar vein was over time, but I just asked the tech support people to do it for me. Every minute I puttered around in telnet, my sites were running slow as molasses.

I doubt a virus was involved. More than likely there was an update in some other module somewhere on the server, that set up an incompatibility. It's possible that the wusage program was just churning out messages that were filling up memory.

Anyway, hopefully that is behind me now. At least I don't have to fork out more money for additional memory.

I'd hate to see this place go, what's a good donation? $10 a year or more?

Re: Dang it!

Rich Z said:

That errant process is running on my serverf again causing the slowness experienced yesterday. I'm trying to get the tech support people at my server host to fix the problem, but they seem to be dragging their feet on me. Man, that's all I will need is to have to switch server hosts right now.....

Click to expand...

There's probably something sat in the cron that keeps firing it up.

You can type...

ps waux | grep wusage

In order to get the applications pid.

If it's owned by your userid (or you have root access) you can...

kill -9 <the process id>

By the fact that you mentioned the ability to reboot the server, I would assume you have root access.

But, this is just a short term fix and not really going to help much - as the program will automatically reload itself once the system spots it's not up and running. You'll have to start hunting through the cron & init scripts by the sound of it (have a look in /etc/rc.d or /etc/init.d depending on what Linux distro is powering this baby).

Doing the ps waux | grep wusage will also tell you the username under which the application is running. If you have root, or it's running under your own username, you can do...

crontab -l -u <username>

If something comes up, you can just edit it there. If not, check the runlevel inits.

Katie: Nope, not a virus. The only successful virus ever written for Linux was called "Melissa", and it was stamped out in the Kernel a coupla years ago - the only threats these days are backdoors, trojans, etc. But they're limited to the abilities of the username under which they're executed (hence the reason advice is usually given to rarely use the root account except for system administration, and not general usage - just in case).

Edit - Heh, ok, I didn't read your other response Rich. So, it is in the cron and you don't have root access? Hmm... sounds a bit odd considering it's supposed to be a dedicated box - especially with the money you're paying. But, still, best of luck with it

No, I do have root access, but it's been a long time since I played around in Unix (Linux). I want to get back into it, but it's on my LONG list of things to do when I get time. I can do the basic stuff, but Unix wasn't designed for the casual user.

Getting in and mucking around as root probably isn't a real good idea on a live server.

What the tech guys did was to set the permissions to 000 for the wusage file. They took it out of the cron job, but the sucker kept resurrecting itself. It hasn't been back for two days now, so I guess they put that wooden stake through it's heart.

I have no idea why that program went bonkers like it did. WUSAGE has been around a long time and has probably been running on my server ever since day 1.

Oh well, thanks for the help. Maybe I can put all of these Linux manuals I have underneath my pillow and learn it all through osmosis.

Well, I'm glad it all got sorted in the end