Thursday, March 31, 2011

Squid Transparent Proxy Server

  A proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to its filtering rules. For example, it may filter traffic by IP address or protocol. If the request is validated by the filter, the proxy provides the resource by connecting to the relevant server and requesting the service on behalf of the client.
                       Fig. Schematic representation of a proxy server, where the computer in the middle acts as the proxy server between the other two.

Transparent proxies

An intercepting proxy (also forced proxy or transparent proxy) combines a proxy server with a gateway or router (commonly with NAT capabilities). Connections made by client browsers through the gateway are diverted to the proxy without client-side configuration (or often knowledge).

"A 'transparent proxy' is a proxy that does not modify the request or response beyond what is required for proxy authentication and identification".
                                                Main benefit of setting transparent proxy is you do not have to setup up individual browsers to work with proxies.

My Setup:

i) System: Intel Dual Core system with 4 GB RAM.
ii) Eth0: IP:
iii) Eth1: IP: ( network.
iv) OS: CentOS 5.4 (also work on Redhat Enterprise Linux 4)

Eth0 connected to internet and eth1 connected to local lan i.e. system act as router.

Server Configuration

  • Step #1 : Squid configuration so that it will act as a transparent proxy
  • Step #2 : Iptables configuration
    • a) Configure system as router
    • b) Forward all http requests to 3128 (DNAT)
  • Step #3: Run scripts and start squid service

 First, Squid server installed (use up2date squid) and configured by adding following directives to file:

# vi /etc/squid/squid.conf

Modify or add following squid directives:

         http_port 80 vhost
  • http_port 80 vhost: Squid as an httpd accelerator and 80 is port you want to act as a proxy
Here is the complete listing of squid.conf for your reference
[root@gateway squid]# cat /etc/squid/squid.conf
acl all src
acl manager proto cache_object
acl localhost src
acl to_localhost dst
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl bad dstdomain "/etc/squid/bad-sites.acl"
http_access allow !bad
acl our_networks src
#http_access allow our_networks
#http_access allow localhost
acl ftp proto FTP
http_access allow ftp
http_access deny all
http_reply_access allow all
icp_access allow all
#hicp_access allow all
http_port transparent
hierarchy_stoplist cgi-bin ?
 cache_mem 128 MB
 cache_dir ufs /home/squid 512 16 256
access_log /home/log/squid/access.log squid
error_log /home/log/squid/error.log squid
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
visible_hostname gateway
http_port 80 vhost
coredump_dir /home/spool/squid
[root@gateway squid]#

Iptables configuration

Next, I had added following rules to forward all http requests (coming to port 80) to the Squid server port 3128 :
# iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to
# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

Start or Restart the squid:
# /etc/init.d/squid restart
# chkconfig squid on

Desktop / Client computer configuration

Point all desktop clients to your eth1 IP address ( as Router/Gateway (use DHCP to distribute this information). You do not have to setup up individual browsers to work with proxies.

How do I test my squid proxy is working correctly?

See access log file /var/log/squid/access.log:
# tail -f /var/log/squid/access.log
Above command will monitor all incoming request and log them to /var/log/squid/access_log file. Now if somebody accessing a website through browser, squid will log information.

Hope This will help You..

!Enjoy Linux

Kuldeep Sharma

Saturday, March 19, 2011

Top 5 Memory Consuming Processes in Linux

       Some times we need to know the most memory consuming process. In Linux you can do this with the help of following command.

[root@server2~]#ps axo %mem,command,pid | sort -nr | head -n 5
 24.2 /usr/java/jdk1.6.0_24/bin/j 2223
 9.4 /usr/sbin/mysqld --basedir= 2855
 1.9 /usr/java/jdk1.6.0_24/bin/j 2065
 0.8 /usr/libexec/gdmgreeter 3847
 0.2 /usr/libexec/gdm-rh-securit 3798

Here option "axo"  allow us to see Every Process in User-Defined format.

!!Enjoy Linux

Friday, March 18, 2011

Setting Java Heap Size

Two JVM options are often used to tune JVM heap size: -Xmx for maximum heap size, and -Xms for initial heap size. Here are some common mistakes I have seen when using them:

  • Missing m, M, g or G at the end (they are case insensitive). For example,
    java -Xmx128 BigApp
    java.lang.OutOfMemoryError: Java heap space
    The correct command should be: java -Xmx128m BigApp. To be precise, -Xmx128 is a valid setting for very small apps, like HelloWorld. But in real life, I guess you really mean -Xmx128m

  • Extra space in JVM options, or incorrectly use =. For example,
    java -Xmx 128m BigApp
    Invalid maximum heap size: -Xmx
    Could not create the Java virtual machine.
    java -Xmx=512m HelloWorld
    Invalid maximum heap size: -Xmx=512m
    Could not create the Java virtual machine.
    The correct command should be java -Xmx128m BigApp, with no whitespace nor =. -X options are different than -Dkey=value system properties, where = is used.

  • Only setting -Xms JVM option and its value is greater than the default maximum heap size, which is 64m. The default minimum heap size seems to be 0. For example,
    java -Xms128m BigApp
    Error occurred during initialization of VM
    Incompatible initial and maximum heap sizes specified
    The correct command should be java -Xms128m -Xmx128m BigApp. It's a good idea to set the minimum and maximum heap size to the same value. In any case, don't let the minimum heap size exceed the maximum heap size.

  • Heap size is larger than your computer's physical memory. For example,
    java -Xmx2g BigApp
    Error occurred during initialization of VM
    Could not reserve enough space for object heap
    Could not create the Java virtual machine.
    The fix is to make it lower than the physical memory: java -Xmx1g BigApp

  • Incorrectly use mb as the unit, where m or M should be used instead.
    java -Xms256mb -Xmx256mb BigApp
    Invalid initial heap size: -Xms256mb
    Could not create the Java virtual machine.
  • The heap size is larger than JVM thinks you would ever need. For example,
    java -Xmx256g BigApp
    Invalid maximum heap size: -Xmx256g
    The specified size exceeds the maximum representable size.
    Could not create the Java virtual machine.
    The fix is to lower it to a reasonable value: java -Xmx256m BigApp
  • The value is not expressed in whole number. For example,
    java -Xmx0.9g BigApp
    Invalid maximum heap size: -Xmx0.9g
    Could not create the Java virtual machine.
    The correct command should be java -Xmx928m BigApp

How to set java heap size in Tomcat?
Stop Tomcat server, set environment variable CATALINA_OPTS, and then restart Tomcat. Look at the file tomcat-install/bin/ or catalina.bat for how this variable is used. For example,
set CATALINA_OPTS=-Xms512m -Xmx512m  (Windows, no "" around the value)
export CATALINA_OPTS="-Xms512m -Xmx512m"  (ksh/bash, "" around the value)
setenv CATALINA_OPTS "-Xms512m -Xmx512m"  (tcsh/csh, "" around the value)
In catalina.bat or, you may have noticed CATALINA_OPTS, JAVA_OPTS, or both can be used to specify Tomcat JVM options. What is the difference between CATALINA_OPTS and JAVA_OPTS? The name CATALINA_OPTS is specific for Tomcat servlet container, whereas JAVA_OPTS may be used by other java applications (e.g., JBoss). Since environment variables are shared by all applications, we don't want Tomcat to inadvertently pick up the JVM options intended for other apps. I prefer to use CATALINA_OPTS.

How to set java heap size in JBoss?
Stop JBoss server, edit $JBOSS_HOME/bin/run.conf, and then restart JBoss server. You can change the line with JAVA_OPTS to something like:
JAVA_OPTS="-server -Xms128m -Xmx128m"
How to set java heap size in Eclipse?
You have 2 options:
1. Edit eclipse-home/eclipse.ini to be something like the following and restart Eclipse.
2. Or, you can just run eclipse command with additional options at the very end. Anything after -vmargs will be treated as JVM options and passed directly to the JVM. JVM options specified in the command line this way will always override those in eclipse.ini. For example,
eclipse -vmargs -Xms64m -Xmx256m
How to set java heap size in NetBeans?
Exit NetBeans, edit the file netbeans-install/etc/netbeans.conf. For example,
netbeans_default_options="-J-Xms512m -J-Xmx512m -J-XX:PermSize=32m -J-XX:MaxPermSize=128m -J-Xverify:none
How to set java heap size in Apache Ant?Set environment variable ANT_OPTS. Look at the file $ANT_HOME/bin/ant or %ANT_HOME%\bin\ant.bat, for how this variable is used by Ant runtime.
set ANT_OPTS=-Xms512m -Xmx512m  (Windows)
export ANT_OPTS="-Xms512m -Xmx512m"  (ksh/bash)
setenv ANT_OPTS "-Xms512m -Xmx512m"  (tcsh/csh)
How to set java heap size in jEdit?
jEdit is a java application, and basically you need to set minimum/maximum heap size JVM options when you run java command. jEdit by default runs with a default maximum heap size 64m. When you work on large files, you are likely to get these errors:
java.lang.OutOfMemoryError: Java heap space
at java.lang.String.concat(
at org.gjt.sp.jedit.buffer.UndoManager.contentInserted(
at org.gjt.sp.jedit.Buffer.insert(
at org.gjt.sp.jedit.textarea.JEditTextArea.setSelectedText(
at org.gjt.sp.jedit.textarea.JEditTextArea.setSelectedText(
at org.gjt.sp.jedit.Registers.paste(

How to fix it? If you click a desktop icon, or Start menu item to start jEdit: right-click the icon or menu item, view its property, and you can see its target is something like:
C:\jdk6\bin\javaw.exe -jar "C:\jedit\jedit.jar"
You can change that line to:
C:\jdk6\bin\javaw.exe -Xmx128m -Xms128m -jar "C:\jedit\jedit.jar"
If you run a script to start jEdit: just add these JVM options to the java line inside the script file:
java -Xmx128m -Xms128m -jar jedit.jar
If you start jEdit by running java command: just add these JVM options to your java command:
java -Xmx128m -Xms128m -jar jedit.jar
Note that when you run java with -jar option, anything after -jar jar-file will be treated as application arguments. So you should always put JVM options before -jar. Otherwise, you will get error:
C:\jedit>java -jar jedit.jar -Xmx128m
Unknown option: -Xmx128m
Usage: jedit [] []
How to set java heap size in JavaEE SDK/J2EE SDK/Glassfish/Sun Java System Application Server?
Stop the application server, edit
$GLASSFISH_HOME/domains/domain1/config/domain.xml, search for XML element name java-config and jvm-options. For example,

You can also change these settings in the web-based admin console, typically at http://localhost:4848/, or https://localhost:4848/. Go to Application Server near the top of the left panel, and then on the right panel, click JVM Settings -> JVM Options, and you will see a list of existing JVM options. You can add new ones and modify existing ones there.

Yet another option is to use its Command Line Interface (CLI) tool command, such as:
./asadmin help create-jvm-options
./asadmin help delete-jvm-options
They may be a bit hard to use manually, but are well suited for automated scripts.

Sunday, March 6, 2011

389 Directory Server | Fedora Directory Server On CentOS

389 Directory Server

The 389 Directory Server (previously Fedora Directory Server) is an LDAP (Lightweight Directory Access Protocol) server developed by Red Hat, as part of Red Hat's community-supported Fedora Project. 389 Directory Server is identical to the Red Hat Directory Server, just rebranded. The name 389 is derived from the port number for LDAP.


1.) 389 Directory Server has multi-master capability.
2.) 389 Directory Server also has the ability to export parts of the directory to read-only servers. This is similar to the Read Only Domain Controller in Microsoft's Active Directory Domain Services.
3.) 389 Directory Server has a Java-based GUI front end for administration, but the underlying LDAP database can be managed by other LDAP compliant tools.

First you need to download & install epel rpm package, that is repository rpm packages.Then you can install packages with your usual method, and the EPEL repository is included.

[root@server2/etc/dirsrv]#rpm -Uvh

Do a yum install for the 389 directory packages:

[root@server2/etc/dirsrv]#yum install 389-ds openldap-clients

Install Directories….

/var/lib/dirsrv (this is where you directory data lives)

This program will set up the 389 Directory and Administration Servers.
It is recommended that you have "root" privilege to set up the software.
Tips for using this program:
- Press "Enter" to choose the default and go to the next screen
- Type "Control-B" then "Enter" to go back to the previous screen
- Type "Control-C" to cancel the setup program

Would you like to continue with set up? [yes]:

Do you agree to the license terms? [no]: yes
Your system has been scanned for potential problems, missing patches,etc. The following output is a report of the items found that need to be addressed before running this software in a production

389 Directory Server system tuning analysis version 10-AUGUST-2007.

NOTICE : System is i686-unknown-linux2.6.18-194.3.1.el5_lustre.1.8.4 (1 processor).

NOTICE : The net.ipv4.tcp_keepalive_time is set to 10200000 milliseconds

(170 minutes). This may cause temporary server congestion from lost client connections.
WARNING: There are only 1024 file descriptors (hard limit) available, which limit the number of simultaneous connections.

WARNING: There are only 1024 file descriptors (soft limit) available, which limit the number of simultaneous connections.

Would you like to continue? [no]: yes
Choose a setup type:
1. Express
Allows you to quickly set up the servers using the most common options and pre-defined defaults. Useful for quick evaluation of the products.

2. Typical
Allows you to specify common defaults and options.

3. Custom
Allows you to specify more advanced options. This is recommended for experienced server administrators only.

To accept the default shown in brackets, press the Enter key.
Choose a setup type [2]: 2

Enter the fully qualified domain name of the computer on which you're setting up server software. Using the form

To accept the default shown in brackets, press the Enter key.

Computer name []:


The servers must run as a specific user in a specific group.It is strongly recommended that this user should have no privileges on the computer (i.e. a non-root user). The setup procedure will give this user/group some permissions in specific paths/files to perform server-specific operations.

If you have not yet created a user and group for the servers,create this user and group using your native operating system utilities.

System User [nobody]: ldap
System Group [nobody]: ldap

Server information is stored in the configuration directory server. This information is used by the console and administration server to configure and manage your servers. If you have already set up a
configuration directory server, you should register any servers you set up or create with the configuration server. To do so, the following information about the configuration server is required: the
fully qualified host name of the form
.(e.g., the port number (default 389), the suffix, the DN and password of a user having permission to write the configuration information, usually the
configuration directory administrator, and if you are using security (TLS/SSL). If you are using TLS/SSL, specify the TLS/SSL (LDAPS) port number (default 636) instead of the regular LDAP port number, and provide the CA certificate (in PEM/ASCII format).

If you do not yet have a configuration directory server, enter 'No' to be prompted to set up one.

Do you want to register this software with an existing configuration directory server? [no]:


Please enter the administrator ID for the configuration directory server. This is the ID typically used to log in to the console. You will also be prompted for the password.

Configuration directory server
administrator ID [admin]:
Password (confirm):


The information stored in the configuration directory server can be separated into different Administration Domains. If you are managing multiple software releases at the same time, or managing information about multiple domains, you may use the Administration Domain to keep
them separate.

If you are not using administrative domains, press Enter to select the default. Otherwise, enter some descriptive, unique name for the administration domain, such as the name of the organization responsible for managing the domain.

Administration Domain []:
The standard directory server network port number is 389. However, if you are not logged as the superuser, or port 389 is in use, the default value will be a random unused port number greater than 1024.

If you want to use port 389, make sure that you are logged in as the superuser, that port 389 is not in use.

Directory server network port [389]:

Each instance of a directory server requires a unique identifier.
This identifier is used to name the various instance specific files and directories in the file system,
as well as for other uses as a server instance identifier.

Directory server identifier [server2]:
Error: the server already exists at '/etc/dirsrv/slapd-server2'
Please remove it first if you really want to recreate it,or use a different ServerIdentifier to create another instance.

Directory server identifier [server2]:


The suffix is the root of your directory tree. The suffix must be a valid DN.
It is recommended that you use the dc=domaincomponent suffix convention.
For example, if your domain is,

you should use dc=example,dc=com for your suffix.
Setup will create this initial suffix for you, but you may have more than one suffix.
Use the directory server utilities to create additional suffixes.

Suffix [dc=xais, dc=com]:

Certain directory server operations require an administrative user.
This user is referred to as the Directory Manager and typically has a bind Distinguished Name (DN) of cn=Directory Manager.

You will also be prompted for the password for this user. The password must be at least 8 characters long, and contain no spaces.
Press Control-B or type the word "back", then Enter to back up and start over.

Directory Manager DN [cn=Directory Manager]:
Password (confirm):


The Administration Server is separate from any of your web or application servers since it listens to a different port and access to it is restricted.

Pick a port number between 1024 and 65535 to run your Administration Server on. You should NOT use a port number which you plan to run a web or application server on, rather, select a number which you will remember and which will not be used for anything else.

Administration port [9830]:
The interactive phase is complete. The script will now set up your servers. Enter No or go Back if you want to change something.

Are you ready to set up your servers? [yes]:
Creating directory server . . .
Your new DS instance 'server2' was successfully created.
Creating the configuration directory server . . .
Beginning Admin Server creation . . .
Creating Admin Server files and directories . . .
Updating adm.conf . . .
Updating admpw . . .

Registering admin server with the configuration directory server . . .
Updating adm.conf with information from configuration directory server . . .
Updating the configuration for the httpd engine . . .
/usr/sbin/semanage: Port tcp/9830 already defined

Starting admin server . . .
The admin server was successfully started.
Admin server was successfully created, configured, and started.
Exiting . . .
Log file is '/tmp/setupotJ3mD.log'


It will show dialog box fill up Username and Password with Server Url(

Now Select Directory Server and click Open. New window will open like below, click at directory tab expand domain tree and click on people.

Creating New User:
Now right click on people and select option new -> user And enter the information for that user.
Now select the Posix User option and enter the required information and click ok.
*Ener Unique UID and GID(Same)
*Home Directory
*Login Shell /bin/bash

Now you have two options, First you can create user’s home directory at client box. And second you can create home directory of the user on server machine. Otherwise you will get “No Directory” message while you are trying to login.I am giving you both the methods.

Home Directory on Server :-
This method is same as windows or AD environment. When you create user’s home directory on server and share with NFS or automatically mount through autofs. Now Login on the server and create user’s home directory.
[root@389ldap ~]# mkdir /home/piyush
[root@389ldap ~]# chown 1001:1001 /home/piyush
[root@389ldap ~]#ll -d /home/piyush
drwxr-xr-x 30 1001 1001 4096 Dec 28 16:03 /home/piyush/
Now share user home directory with NFS
[root@389ldap ~]# vi /etc/exports
/home *(rw,sync)
Now restart nfs service.
[root@389ldap ~]# /etc/init.d/nfs restart
You have done with server setup, Now you need to setup client side.

On Client Side
Home Directory at client machine :-
Login at client box and create user’s directory.
[root@linuxbox ~]# mkdir /home/piyush
[root@linuxbox ~]# chown 1001:1001 /home/piyush
[root@master_hadoop ~]# yum -y install openldap-clients nss_ldap
Once your packages will install, you need to setup authentication section.
[root@master_hadoop ~]# system-config-authentication
#vi /etc/auto.master
/data5/testing123 /etc/auto.home --timeout=60
#vi /etc/auto.home
* -fstype=nfs,rw,soft,intr
Restart autofs service .
[root@master_hadoop ~]# /etc/init.d/autofs restart
Stopping automount: [ OK ]
Starting automount: [ OK ]
[root@master_hadoop ~]#
[root@master_hadoop ~]# vi /etc/nsswitch.conf
passwd: files ldap
shadow: files ldap
group: files ldap
############## Edited
netgroup: nisplus ldap
[root@server2~]#tcpdump port ldap -i eth0 -X -s 1024 -v
[root@server2~]#netstat -tulnap | grep slap

Saturday, March 5, 2011

How to know Size and Name of Installed rpm

Recently I have come in situation having low space. So I start thinking that how will I got the list of all RPM installed along with their size. So I have spend some time for searching and got the following nice command.

#rpm -qia|awk '$1=="Name" { n=$3} $1=="Size" {s=$3} $1=="Description" {print s  " " n }' |sort -n

Let me explain the above thing
1.) rpm -qia will list all installed rpms along with their all Info.
2.) send above output to awk. It will see if first column is "Name", then set value of Third column to n(variable).Similarly, If first column is "Size", then set value of Third column to s(variable).
                                   Note : If you just run rpn -qia then you will see that the row Having Name as first column have third column as its Actual Name and same with Size.

3.) Finally It Print Value of "s" and "n" variable and sort them in ascending order.

!Enjoy Linux

Friday, March 4, 2011

Using the /proc filesystem

                                          **The Proc File System**
Today I have come to know these all things about Proc File System. really so Interesting.

                                    The proc filesystem is a special filesystem found on most UNIX-based systems.It holds a great deal of information, in ASCII format, most of which is not very friendly to the average user.It is important that you keep in mind that the files under /proc are not kept on a physical storage, meaning they are subject to change after reboot. Also, they should not really be called files as they are pseudo-files, as they exist only in memory.
I break that rule on regular basis and intend to do that also in this article.
I’ve made a list of some of the files i find to be of most use.

/proc contains a directory named after the PID (process identification number) of each excising process on the system.
Lets take a look at some of the files found there.
Contains the command line used to launch the process.
This is a symbolic link to the current working directory of the process.
If you have a process with the PID 1234, then you can find out it’s current working directory by using the command “cd /proc/1234/cwd; /bin/pwd”
This file contains information about the processes status, such as it’s name, state, pid, parent pid, owner.
Contains all the arguments passed to the kernel at boot time.
Perhaps the most known one, it contains processor related information, such as the architecture, frequency and amount of cache found on the cpu.
A list of all the file systems supported by the current kernel.
Lines beginning with ‘nodev’ indicate non-physical filesystems such as network filesystems and proc.
Holds information regarding the load average of the system.
The first three fields are the same ones you get from ‘uptime’.
The fourth field consists of two numbers seperated by a slash, the first one represents the number of currently executing processes/threads. This number will not exceed the number of processors cores the system has.
The second number (the one after the slash) represents the number of processes/threads currently existing on the system.
The fifth field is the PID of the process most recently created.Now, this is where you need to be careful.If you execute ‘cat /proc/loadav’, then this number will represent the PID of the cat command you just executed!
Contains statistics about memory usage.
The command ‘free’ makes use of this file to build its output.
This directory holds alot of files rated to the networking layer.
All the files are ASCII structured and can be read.
Holds the arp table
Information such as the total number of received and transmitted packets and bytes by each network interface.
Holds the routing table, in hexademical format.
Holds information related to the current wireless connection, such as thequality and number of discarded packets.
Shows the amount of swap in use and the priority of the defined swap partitions.
Contains the current hostname of the system.
You can change this by executing “echo ‘newHostname’ > /proc/sys/kernel/hostname”
Specifies the maximum number of processess/threads that can excist at any given time on the system.
Compare this to the current number of processes/threads from the fourth field in /proc/loadavg
The value in this file controls how willing the kernel will be to swap memory.
If you raise this number, the kernel will want to swap more often, while lowering it will decrease his tendency to swap.
The default value is 60.
Contains two numbers, the first one tells you how long the system has been up (in seconds), while the second one tells you for how long it has been idle.
You can use something like:echo `cut -d’ ‘ -f2 /proc/uptime` / `cut -d’ ‘ -f1 /proc/uptime` | bc -l to get the percentage of idle time on your computer.
Contains virtual memory statistics
Controls whether the kernel will allow tcp forwarding.The default value is 0 which means forwarding is OFF.You can set this to 1 if you with to enable it…
Think: Internet connection sharing without password protection.

!Enjoy Linux

What is Zombie process in Linux?

Zombie process    

                                      On Unix and Unix-like computer operating systems, a zombie process or defunct process is a process that has completed execution but still has an entry in the process table. This entry is still needed to allow the process that started the (now zombie) process to read its exit status. The term zombie process derives from the common definition of zombie—an undead person. In the term's metaphor, the child process has "died" but has not yet been "reaped". Also, unlike normal processes, the kill command has no effect on a zombie process.

Finding if zombies exist

  • execute the top command
  • one line is tasks:
    • Example output:
      Tasks: 139 total,   2 running, 136 sleeping,   0 stopped,   1 zombie

Who is zombie

  • execute: ps aux | awk '{ print $8 " " $2 }' | grep -w Z
    • example output:
    • [root@server2~]#ps aux | awk '{print $8 " " $2}' | grep -w Z

    Kill the zombies

    zombies are living dead, so the aren't always easy to kill.
    • Try executing: kill -9 PID 
    • [root@server2~]#kill -9 5245
      [root@server2~]#ps aux | awk '{print $8 " " $2}' | grep -w Z
      Z 5245
    • If its still undead
      • get a cross or garlic, well reliable sources tell me the don't work. We must try something else
    • Kill the zombie's parent (process)
    • execute: ps efx
      • this will display a process (family) tree
      • find the command who is the PID matches the zombie then look at the parents and try killing them
    • example:
      5191 tty7     Ss+    0:14      \_ /usr/bin/Xorg :0 -br -audit 0 -aut /var/gdm/:0.Xauth -nolisten tcp vt7 bckclr=tput setb 7 HOSTNAME=server

    5213 ?        Ss     0:00                  \_ /usr/bin/gnome-session bckclr=tput setb 7  SSH_AGENT_PID=5253 HOSTNAME=server2 SHELL=/bin/bash TERM=dumb HI
     5245 ?        Z      0:00                         \_ [Xsession]
    • Xsession matches the PID above, 5245 
    • so in this example I would try killing
            5213 pts/1 Sl+ 1:29 /usr/bin/gnome-session
            5191 tty1 S 0:00 xterm -e /usr/bin/Xorg

    • Hopefully this will work 

    Kuldeep Sharma