- Community Home
- >
- Servers and Operating Systems
- >
- Integrity Servers
- >
- Re: Sudden system reboot issue
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-07-2020 09:02 PM
02-07-2020 09:02 PM
Sudden system reboot issue
Dear Concern,
Our system is running on HP-UX 11.31 system. System rebooted last two days few time and from below log, we have found below entries.
# cat /etc/shutdownlog
12:35 Thu Feb 6, 2020. Reboot: (by sdbmblv2!oracle)
12:08 Fri Feb 7, 2020. Reboot: (by sdbmblv2!oracle)
As per my understanding, these entries mean "oracle" user reboot the system twice. My query is can "oracle" user reboot the system as it is only a normal user not superuser priviledge?
With Best Regards,
Kauser
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-07-2020 09:53 PM
02-07-2020 09:53 PM
Re: Sudden system reboot issue
Dear Concern,
In addition to above post, we've found no entries in /etc/shutdown.allow file.
Best Regards,
Kauser
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2020 01:12 AM - last edited on 06-29-2021 12:20 AM by Ramya_Heera
02-10-2020 01:12 AM - last edited on 06-29-2021 12:20 AM by Ramya_Heera
Re: Sudden system reboot issue
Greetings,
I am not sure what version of HP-UX is being used on this server "sdbmblv2" but you are absolutely right in saying that the user "oracle" rebooted the server twice (per shutdownlog).
An excerpt from the man page of reboot (1M)
At shutdown time a message is written in the file
/etc/shutdownlog
(if it exists), containing the time of shutdown, who ran reboot, and
the reason.
Only users with appropriate privileges can run the reboot command.
Please take note of the last time. Also, per man page of privileges (5), under "Privileges for System Calls"
reboot() PRIV_REBOOT
So, the user definitely seem to have the privileges.
There was a potential security vulnerablity identified on HP-UX 11.11 and older versions in which local user could increase privileges. The fix was available in - PHCO_30402
I don't think there is any such vulnerability on later versions though.
You may want to login as this user "oracle" and check it. Also, check if this user is part of any privileged group.
I am a HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2020 01:29 AM
02-10-2020 01:29 AM
Re: Sudden system reboot issue
Hello again,
You may also want to check through the documentation :HP-UX System Administrator's Guide:Security Management HP-UX 11i Version 3" - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=c01944073
I am a HPE Employee