- 1793 execve("/usr/bin/sudo", ["sudo", "id"], [/* 23 vars */]) = 0
- 1793 brk(0) = 0x8196000
- 1793 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7891000
- 1793 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
- 1793 open("/etc/ld.so.cache", O_RDONLY) = 3
- 1793 fstat64(3, {st_mode=S_IFREG|0644, st_size=84753, ...}) = 0
- 1793 mmap2(NULL, 84753, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb787c000
- 1793 close(3) = 0
- 1793 open("/lib/libutil.so.1", O_RDONLY) = 3
- 1793 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\t\0\0004\0\0\0"..., 512) = 512
- 1793 fstat64(3, {st_mode=S_IFREG|0755, st_size=9676, ...}) = 0
- 1793 mmap2(NULL, 12424, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7878000
- 1793 mmap2(0xb787a000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0xb787a000
- 1793 close(3) = 0
- 1793 open("/lib/libpam.so.0", O_RDONLY) = 3
- 1793 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\27\0\0004\0\0\0"..., 512) = 512
- 1793 fstat64(3, {st_mode=S_IFREG|0755, st_size=42936, ...}) = 0
- 1793 mmap2(NULL, 41676, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb786d000
- 1793 mmap2(0xb7877000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa) = 0xb7877000
- 1793 close(3) = 0
- 1793 open("/usr/lib/libz.so.1", O_RDONLY) = 3
- 1793 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260\25\0\0004\0\0\0"..., 512) = 512
- 1793 fstat64(3, {st_mode=S_IFREG|0755, st_size=90728, ...}) = 0
- 1793 mmap2(NULL, 82604, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7858000
- 1793 mmap2(0xb786c000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14) = 0xb786c000
- 1793 close(3) = 0
- 1793 open("/lib/libc.so.6", O_RDONLY) = 3
- 1793 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320m\1\0004\0\0\0"..., 512) = 512
- 1793 fstat64(3, {st_mode=S_IFREG|0755, st_size=1347968, ...}) = 0
- 1793 mmap2(NULL, 1358280, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb770c000
- 1793 mprotect(0xb7851000, 4096, PROT_NONE) = 0
- 1793 mmap2(0xb7852000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x145) = 0xb7852000
- 1793 mmap2(0xb7855000, 10696, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7855000
- 1793 close(3) = 0
- 1793 open("/lib/libdl.so.2", O_RDONLY) = 3
- 1793 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 \n\0\0004\0\0\0"..., 512) = 512
- 1793 fstat64(3, {st_mode=S_IFREG|0755, st_size=9668, ...}) = 0
- 1793 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb770b000
- 1793 mmap2(NULL, 12408, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7707000
- 1793 mmap2(0xb7709000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0xb7709000
- 1793 close(3) = 0
- 1793 open("/lib/libcrypt.so.1", O_RDONLY) = 3
- 1793 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 \7\0\0004\0\0\0"..., 512) = 512
- 1793 fstat64(3, {st_mode=S_IFREG|0755, st_size=34192, ...}) = 0
- 1793 mmap2(NULL, 196956, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb76d6000
- 1793 mmap2(0xb76de000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7) = 0xb76de000
- 1793 mmap2(0xb76e0000, 155996, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb76e0000
- 1793 close(3) = 0
- 1793 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb76d5000
- 1793 set_thread_area({entry_number:-1 -> 6, base_addr:0xb76d56c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
- 1793 mprotect(0xb76de000, 4096, PROT_READ) = 0
- 1793 mprotect(0xb7709000, 4096, PROT_READ) = 0
- 1793 mprotect(0xb7852000, 8192, PROT_READ) = 0
- 1793 mprotect(0xb787a000, 4096, PROT_READ) = 0
- 1793 mprotect(0xb78af000, 4096, PROT_READ) = 0
- 1793 munmap(0xb787c000, 84753) = 0
- 1793 brk(0) = 0x8196000
- 1793 brk(0x81b7000) = 0x81b7000
- 1793 open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE) = 3
- 1793 fstat64(3, {st_mode=S_IFREG|0644, st_size=3210272, ...}) = 0
- 1793 mmap2(NULL, 2097152, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb74d5000
- 1793 close(3) = 0
- 1793 geteuid32() = 0
- 1793 rt_sigaction(SIGINT, {SIG_IGN, [], SA_RESTART}, {SIG_DFL, [], 0}, 8) = 0
- 1793 rt_sigaction(SIGQUIT, {SIG_IGN, [], SA_RESTART}, {SIG_DFL, [], 0}, 8) = 0
- 1793 rt_sigaction(SIGTSTP, {SIG_IGN, [], SA_RESTART}, {SIG_DFL, [], 0}, 8) = 0
- 1793 getrlimit(RLIMIT_NPROC, {rlim_cur=16048, rlim_max=16048}) = 0
- 1793 setrlimit(RLIMIT_NPROC, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0
- 1793 getrlimit(RLIMIT_CORE, {rlim_cur=0, rlim_max=RLIM_INFINITY}) = 0
- 1793 setrlimit(RLIMIT_CORE, {rlim_cur=0, rlim_max=RLIM_INFINITY}) = 0
- 1793 fcntl64(0, F_GETFL) = 0x8002 (flags O_RDWR|O_LARGEFILE)
- 1793 fcntl64(1, F_GETFL) = 0x8002 (flags O_RDWR|O_LARGEFILE)
- 1793 fcntl64(2, F_GETFL) = 0x8002 (flags O_RDWR|O_LARGEFILE)
- 1793 open("/etc/nsswitch.conf", O_RDONLY) = 3
- 1793 fstat64(3, {st_mode=S_IFREG|0644, st_size=223, ...}) = 0
- 1793 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7890000
- 1793 read(3, "# Begin /etc/nsswitch.conf\n\npass"..., 4096) = 223
- 1793 read(3, "", 4096) = 0
- 1793 close(3) = 0
- 1793 munmap(0xb7890000, 4096) = 0
- 1793 open("/etc/ld.so.cache", O_RDONLY) = 3
- 1793 fstat64(3, {st_mode=S_IFREG|0644, st_size=84753, ...}) = 0
- 1793 mmap2(NULL, 84753, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb787c000
- 1793 close(3) = 0
- 1793 open("/lib/libnss_files.so.2", O_RDONLY) = 3
- 1793 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360\31\0\0004\0\0\0"..., 512) = 512
- 1793 fstat64(3, {st_mode=S_IFREG|0755, st_size=42496, ...}) = 0
- 1793 mmap2(NULL, 45772, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb74c9000
- 1793 mmap2(0xb74d3000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9) = 0xb74d3000
- 1793 close(3) = 0
- 1793 mprotect(0xb74d3000, 4096, PROT_READ) = 0
- 1793 munmap(0xb787c000, 84753) = 0
- 1793 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
- 1793 fcntl64(3, F_GETFD) = 0x1 (flags FD_CLOEXEC)
- 1793 fstat64(3, {st_mode=S_IFREG|0644, st_size=488, ...}) = 0
- 1793 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7890000
- 1793 _llseek(3, 0, [0], SEEK_CUR) = 0
- 1793 open("/etc/group", O_RDONLY|O_CLOEXEC) = 4
- 1793 fstat64(4, {st_mode=S_IFREG|0644, st_size=511, ...}) = 0
- 1793 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb788f000
- 1793 _llseek(4, 0, [0], SEEK_CUR) = 0
- 1793 socket(PF_NETLINK, SOCK_RAW, 0) = 5
- 1793 bind(5, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
- 1793 getsockname(5, {sa_family=AF_NETLINK, pid=1793, groups=00000000}, [12]) = 0
- 1793 time(NULL) = 1291320622
- 1793 sendto(5, "\24\0\0\0\22\0\1\3.\375\367L\0\0\0\0\0\0\0\0", 20, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
- 1793 recvmsg(5, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"\250\1\0\0\20\0\2\0.\375\367L\1\7\0\0\0\0\4\3\1\0\0\0I\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 1300
- 1793 recvmsg(5, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"\24\0\0\0\3\0\2\0.\375\367L\1\7\0\0\0\0\0\0\1\0\0\0I\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 20
- 1793 sendto(5, "\24\0\0\0\26\0\1\3/\375\367L\0\0\0\0\0\0\0\0", 20, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
- 1793 recvmsg(5, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"0\0\0\0\24\0\2\0/\375\367L\1\7\0\0\2\10\200\376\1\0\0\0\10\0\1\0\177\0\0\1"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 48
- 1793 recvmsg(5, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0/\375\367L\1\7\0\0\n\200\200\376\1\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 128
- 1793 recvmsg(5, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"\24\0\0\0\3\0\2\0/\375\367L\1\7\0\0\0\0\0\0\1\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 20
- 1793 close(5) = 0
- 1793 open("/etc/localtime", O_RDONLY) = 5
- 1793 fstat64(5, {st_mode=S_IFREG|0644, st_size=2309, ...}) = 0
- 1793 fstat64(5, {st_mode=S_IFREG|0644, st_size=2309, ...}) = 0
- 1793 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb788e000
- 1793 read(5, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\10\0\0\0\10\0\0\0\0"..., 4096) = 2309
- 1793 _llseek(5, -28, [2281], SEEK_CUR) = 0
- 1793 read(5, "\nCET-1CEST,M3.5.0,M10.5.0/3\n", 4096) = 28
- 1793 close(5) = 0
- 1793 munmap(0xb788e000, 4096) = 0
- 1793 uname({sys="Linux", node="archontour", ...}) = 0
- 1793 ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
- 1793 readlink("/proc/self/fd/0", "/dev/tty1", 4095) = 9
- 1793 getuid32() = 0
- 1793 socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 5
- 1793 connect(5, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
- 1793 close(5) = 0
- 1793 socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 5
- 1793 connect(5, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
- 1793 close(5) = 0
- 1793 _llseek(3, 0, [0], SEEK_SET) = 0
- 1793 read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 488
- 1793 close(3) = 0
- 1793 munmap(0xb7890000, 4096) = 0
- 1793 getgroups32(0, NULL) = 8
- 1793 getgroups32(8, [0, 1, 2, 3, 4, 6, 10, 19]) = 8
- 1793 setresgid32(-1, 0, -1) = 0
- 1793 setresuid32(0, 0, 0) = 0
- 1793 getcwd("/root", 4096) = 6
- 1793 setresuid32(0, 0, 0) = 0
- 1793 setresgid32(-1, 0, -1) = 0
- 1793 lstat64("/etc/sudoers", {st_mode=S_IFREG|0440, st_size=2849, ...}) = 0
- 1793 setresgid32(-1, 0, -1) = 0
- 1793 setresuid32(0, 1, 0) = 0
- 1793 open("/etc/sudoers", O_RDONLY) = -1 EACCES (Permission denied)
- 1793 setresuid32(0, 0, 0) = 0
- 1793 setresgid32(-1, 0, -1) = 0
- 1793 open("/usr/share/locale/locale.alias", O_RDONLY) = 3
- 1793 fstat64(3, {st_mode=S_IFREG|0644, st_size=2570, ...}) = 0
- 1793 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7890000
- 1793 read(3, "# Locale name alias data base.\n#"..., 4096) = 2570
- 1793 read(3, "", 4096) = 0
- 1793 close(3) = 0
- 1793 munmap(0xb7890000, 4096) = 0
- 1793 open("/usr/share/locale/de_DE.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
- 1793 open("/usr/share/locale/de_DE/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
- 1793 open("/usr/share/locale/de.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
- 1793 open("/usr/share/locale/de/LC_MESSAGES/libc.mo", O_RDONLY) = 3
- 1793 fstat64(3, {st_mode=S_IFREG|0644, st_size=123193, ...}) = 0
- 1793 mmap2(NULL, 123193, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb74aa000
- 1793 close(3) = 0
- 1793 open("/usr/lib/gconv/gconv-modules.cache", O_RDONLY) = -1 ENOENT (No such file or directory)
- 1793 open("/usr/lib/gconv/gconv-modules", O_RDONLY) = 3
- 1793 fstat64(3, {st_mode=S_IFREG|0644, st_size=56028, ...}) = 0
- 1793 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7890000
- 1793 read(3, "# GNU libc iconv configuration.\n"..., 4096) = 4096
- 1793 read(3, "B1.002//\nalias\tJS//\t\t\tJUS_I.B1.0"..., 4096) = 4096
- 1793 read(3, "59-3\t1\nmodule\tINTERNAL\t\tISO-8859"..., 4096) = 4096
- 1793 read(3, "859-14//\nalias\tISO-IR-199//\t\tISO"..., 4096) = 4096
- 1793 read(3, "CDIC-DK-NO-A//\tEBCDIC-DK-NO-A\t1\n"..., 4096) = 4096
- 1793 read(3, "\t\tIBM281//\t\tIBM281\t\t1\n\n#\tfrom\t\t\t"..., 4096) = 4096
- 1793 read(3, "\tIBM863\t\t1\n\n#\tfrom\t\t\tto\t\t\tmodule"..., 4096) = 4096
- 1793 read(3, "//\t\tIBM937//\nalias\tCSIBM937//\t\tI"..., 4096) = 4096
- 1793 read(3, "JAPANESE//\tEUC-JP//\nalias\tOSF000"..., 4096) = 4096
- 1793 read(3, "MACINTOSH//\t\tMACINTOSH\t1\n\n#\tfrom"..., 4096) = 4096
- 1793 read(3, "367-BOX//\nalias\tISO_10367BOX//\t\t"..., 4096) = 4096
- 1793 read(3, "EUC-JISX0213//\t\tINTERNAL\t\tEUC-JI"..., 4096) = 4096
- 1793 read(3, "/\t\tIBM1130//\nalias\tCSIBM1130//\t\t"..., 4096) = 4096
- 1793 read(3, "\t1\n\n#\tfrom\t\t\tto\t\t\tmodule\t\tcost\na"..., 4096) = 2780
- 1793 read(3, "", 4096) = 0
- 1793 close(3) = 0
- 1793 munmap(0xb7890000, 4096) = 0
- 1793 write(2, "sudo", 4) = 4
- 1793 write(2, ": ", 2) = 2
- 1793 write(2, "can't open /etc/sudoers", 23) = 23
- 1793 write(2, ": ", 2) = 2
- 1793 write(2, "Keine Berechtigung", 18) = 18
- 1793 write(2, "\n", 1) = 1
- 1793 time(NULL) = 1291320622
- 1793 socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 3
- 1793 connect(3, {sa_family=AF_FILE, path="/dev/log"}, 110) = -1 EPROTOTYPE (Protocol wrong type for socket)
- 1793 close(3) = 0
- 1793 socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC, 0) = 3
- 1793 connect(3, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
- 1793 send(3, "<33>Dec 2 21:10:22 sudo: ro"..., 118, MSG_NOSIGNAL) = 118
- 1793 close(3) = 0
- 1793 write(2, "sudo", 4) = 4
- 1793 write(2, ": ", 2) = 2
- 1793 write(2, "no valid sudoers sources found, "..., 40) = 40
- 1793 write(2, "\n", 1) = 1
- 1793 time(NULL) = 1291320622
- 1793 socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 3
- 1793 connect(3, {sa_family=AF_FILE, path="/dev/log"}, 110) = -1 EPROTOTYPE (Protocol wrong type for socket)
- 1793 close(3) = 0
- 1793 socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC, 0) = 3
- 1793 connect(3, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
- 1793 send(3, "<33>Dec 2 21:10:22 sudo: ro"..., 114, MSG_NOSIGNAL) = 114
- 1793 close(3) = 0
- 1793 close(4) = 0
- 1793 munmap(0xb788f000, 4096) = 0
- 1793 exit_group(1) = ?