Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # strace su ystone
- execve("/bin/su", ["su", "ystone"], [/* 82 vars */]) = 0
- brk(0) = 0x14f4000
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c287000
- access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
- open("/etc/ld.so.cache", O_RDONLY) = 3
- fstat(3, {st_mode=S_IFREG|0644, st_size=378490, ...}) = 0
- mmap(NULL, 378490, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f733c22a000
- close(3) = 0
- open("/lib64/libpam.so.0", O_RDONLY) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200(\0\0\0\0\0\0"..., 832) = 832
- fstat(3, {st_mode=S_IFREG|0755, st_size=51616, ...}) = 0
- mmap(NULL, 2146840, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f733be5b000
- mprotect(0x7f733be67000, 2093056, PROT_NONE) = 0
- mmap(0x7f733c066000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7f733c066000
- close(3) = 0
- open("/lib64/libpam_misc.so.0", O_RDONLY) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\20\0\0\0\0\0\0"..., 832) = 832
- fstat(3, {st_mode=S_IFREG|0755, st_size=14376, ...}) = 0
- mmap(NULL, 2109712, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f733bc57000
- mprotect(0x7f733bc59000, 2097152, PROT_NONE) = 0
- mmap(0x7f733be59000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f733be59000
- close(3) = 0
- open("/lib64/libc.so.6", O_RDONLY) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300#\2\0\0\0\0\0"..., 832) = 832
- fstat(3, {st_mode=S_IFREG|0755, st_size=1629392, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c229000
- mmap(NULL, 3738632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f733b8c6000
- mprotect(0x7f733ba4e000, 2093056, PROT_NONE) = 0
- mmap(0x7f733bc4d000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x187000) = 0x7f733bc4d000
- mmap(0x7f733bc52000, 19464, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f733bc52000
- close(3) = 0
- open("/lib64/libdl.so.2", O_RDONLY) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\17\0\0\0\0\0\0"..., 832) = 832
- fstat(3, {st_mode=S_IFREG|0755, st_size=14512, ...}) = 0
- mmap(NULL, 2109704, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f733b6c2000
- mprotect(0x7f733b6c4000, 2097152, PROT_NONE) = 0
- mmap(0x7f733b8c4000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f733b8c4000
- close(3) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c228000
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c227000
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c226000
- arch_prctl(ARCH_SET_FS, 0x7f733c227700) = 0
- mprotect(0x7f733b8c4000, 4096, PROT_READ) = 0
- mprotect(0x7f733bc4d000, 16384, PROT_READ) = 0
- mprotect(0x7f733be59000, 4096, PROT_READ) = 0
- mprotect(0x7f733c066000, 4096, PROT_READ) = 0
- mprotect(0x607000, 4096, PROT_READ) = 0
- mprotect(0x7f733c288000, 4096, PROT_READ) = 0
- munmap(0x7f733c22a000, 378490) = 0
- brk(0) = 0x14f4000
- brk(0x1515000) = 0x1515000
- open("/usr/lib64/locale/locale-archive", O_RDONLY) = 3
- fstat(3, {st_mode=S_IFREG|0644, st_size=104197952, ...}) = 0
- mmap(NULL, 104197952, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f7335363000
- close(3) = 0
- getuid() = 0
- ioctl(0, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
- fstat(0, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 3), ...}) = 0
- readlink("/proc/self/fd/0", "/dev/pts/3", 4095) = 10
- stat("/dev/pts/3", {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 3), ...}) = 0
- ioctl(0, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
- open("/proc/self/loginuid", O_RDONLY) = 3
- read(3, "65534", 12) = 5
- close(3) = 0
- socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
- connect(3, {sa_family=AF_FILE, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
- close(3) = 0
- socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
- connect(3, {sa_family=AF_FILE, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
- close(3) = 0
- open("/etc/nsswitch.conf", O_RDONLY) = 3
- fstat(3, {st_mode=S_IFREG|0644, st_size=513, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c286000
- read(3, "# /etc/nsswitch.conf:\n# $Header:"..., 4096) = 513
- read(3, "", 4096) = 0
- close(3) = 0
- munmap(0x7f733c286000, 4096) = 0
- open("/etc/ld.so.cache", O_RDONLY) = 3
- fstat(3, {st_mode=S_IFREG|0644, st_size=378490, ...}) = 0
- mmap(NULL, 378490, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f733c22a000
- close(3) = 0
- open("/lib64/libnss_compat.so.2", O_RDONLY) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\25\0\0\0\0\0\0"..., 832) = 832
- fstat(3, {st_mode=S_IFREG|0755, st_size=31432, ...}) = 0
- mmap(NULL, 2127008, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f733515b000
- mprotect(0x7f7335162000, 2093056, PROT_NONE) = 0
- mmap(0x7f7335361000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f7335361000
- close(3) = 0
- open("/lib64/libnsl.so.1", O_RDONLY) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0pK\0\0\0\0\0\0"..., 832) = 832
- fstat(3, {st_mode=S_IFREG|0755, st_size=88880, ...}) = 0
- mmap(NULL, 2194096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7334f43000
- mprotect(0x7f7334f58000, 2093056, PROT_NONE) = 0
- mmap(0x7f7335157000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14000) = 0x7f7335157000
- mmap(0x7f7335159000, 6832, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7335159000
- close(3) = 0
- mprotect(0x7f7335157000, 4096, PROT_READ) = 0
- mprotect(0x7f7335361000, 4096, PROT_READ) = 0
- munmap(0x7f733c22a000, 378490) = 0
- open("/etc/ld.so.cache", O_RDONLY) = 3
- fstat(3, {st_mode=S_IFREG|0644, st_size=378490, ...}) = 0
- mmap(NULL, 378490, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f733c22a000
- close(3) = 0
- open("/lib64/libnss_nis.so.2", O_RDONLY) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0&\0\0\0\0\0\0"..., 832) = 832
- fstat(3, {st_mode=S_IFREG|0755, st_size=47480, ...}) = 0
- mmap(NULL, 2143416, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7334d37000
- mprotect(0x7f7334d41000, 2097152, PROT_NONE) = 0
- mmap(0x7f7334f41000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa000) = 0x7f7334f41000
- close(3) = 0
- open("/lib64/libnss_files.so.2", O_RDONLY) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240'\0\0\0\0\0\0"..., 832) = 832
- fstat(3, {st_mode=S_IFREG|0755, st_size=51544, ...}) = 0
- mmap(NULL, 2147768, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7334b2a000
- mprotect(0x7f7334b36000, 2093056, PROT_NONE) = 0
- mmap(0x7f7334d35000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7f7334d35000
- close(3) = 0
- mprotect(0x7f7334d35000, 4096, PROT_READ) = 0
- mprotect(0x7f7334f41000, 4096, PROT_READ) = 0
- munmap(0x7f733c22a000, 378490) = 0
- open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
- fcntl(3, F_GETFD) = 0x1 (flags FD_CLOEXEC)
- fcntl(3, F_GETFD) = 0x1 (flags FD_CLOEXEC)
- lseek(3, 0, SEEK_CUR) = 0
- fstat(3, {st_mode=S_IFREG|0644, st_size=3091, ...}) = 0
- mmap(NULL, 3091, PROT_READ, MAP_SHARED, 3, 0) = 0x7f733c286000
- lseek(3, 3091, SEEK_SET) = 3091
- munmap(0x7f733c286000, 3091) = 0
- close(3) = 0
- getuid() = 0
- open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
- lseek(3, 0, SEEK_CUR) = 0
- fstat(3, {st_mode=S_IFREG|0644, st_size=3091, ...}) = 0
- mmap(NULL, 3091, PROT_READ, MAP_SHARED, 3, 0) = 0x7f733c286000
- lseek(3, 3091, SEEK_SET) = 3091
- munmap(0x7f733c286000, 3091) = 0
- close(3) = 0
- open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
- lseek(3, 0, SEEK_CUR) = 0
- fstat(3, {st_mode=S_IFREG|0644, st_size=3091, ...}) = 0
- mmap(NULL, 3091, PROT_READ, MAP_SHARED, 3, 0) = 0x7f733c286000
- lseek(3, 3091, SEEK_SET) = 3091
- munmap(0x7f733c286000, 3091) = 0
- close(3) = 0
- stat("/etc/pam.d", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
- open("/etc/pam.d/su", O_RDONLY) = 3
- fstat(3, {st_mode=S_IFREG|0644, st_size=1059, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c286000
- read(3, "#%PAM-1.0\n\nauth sufficient"..., 4096) = 1059
- open("/lib64/security/pam_rootok.so", O_RDONLY) = 4
- read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\5\0\0\0\0\0\0"..., 832) = 832
- fstat(4, {st_mode=S_IFREG|0755, st_size=5920, ...}) = 0
- mmap(NULL, 2101296, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f7334928000
- mprotect(0x7f7334929000, 2093056, PROT_NONE) = 0
- mmap(0x7f7334b28000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0) = 0x7f7334b28000
- close(4) = 0
- mprotect(0x7f7334b28000, 4096, PROT_READ) = 0
- open("/lib64/security/pam_wheel.so", O_RDONLY) = 4
- read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\10\0\0\0\0\0\0"..., 832) = 832
- fstat(4, {st_mode=S_IFREG|0755, st_size=10080, ...}) = 0
- mmap(NULL, 2105456, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f7334725000
- mprotect(0x7f7334727000, 2093056, PROT_NONE) = 0
- mmap(0x7f7334926000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x1000) = 0x7f7334926000
- close(4) = 0
- mprotect(0x7f7334926000, 4096, PROT_READ) = 0
- open("/etc/pam.d/system-auth", O_RDONLY) = 4
- fstat(4, {st_mode=S_IFREG|0644, st_size=501, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c285000
- read(4, "auth\t\trequired\tpam_env.so \nauth\t"..., 4096) = 501
- open("/lib64/security/pam_env.so", O_RDONLY) = 5
- read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\r\0\0\0\0\0\0"..., 832) = 832
- fstat(5, {st_mode=S_IFREG|0755, st_size=14264, ...}) = 0
- mmap(NULL, 2109648, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x7f7334521000
- mprotect(0x7f7334524000, 2093056, PROT_NONE) = 0
- mmap(0x7f7334723000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x2000) = 0x7f7334723000
- close(5) = 0
- mprotect(0x7f7334723000, 4096, PROT_READ) = 0
- open("/lib64/security/pam_unix.so", O_RDONLY) = 5
- read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000#\0\0\0\0\0\0"..., 832) = 832
- fstat(5, {st_mode=S_IFREG|0755, st_size=47576, ...}) = 0
- mmap(NULL, 2192096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x7f7334309000
- mprotect(0x7f7334314000, 2093056, PROT_NONE) = 0
- mmap(0x7f7334513000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0xa000) = 0x7f7334513000
- mmap(0x7f7334515000, 45792, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7334515000
- close(5) = 0
- open("/etc/ld.so.cache", O_RDONLY) = 5
- fstat(5, {st_mode=S_IFREG|0644, st_size=378490, ...}) = 0
- mmap(NULL, 378490, PROT_READ, MAP_PRIVATE, 5, 0) = 0x7f733c1c9000
- close(5) = 0
- open("/lib64/libcrypt.so.1", O_RDONLY) = 5
- read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240\v\0\0\0\0\0\0"..., 832) = 832
- fstat(5, {st_mode=S_IFREG|0755, st_size=34920, ...}) = 0
- mmap(NULL, 2318784, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x7f73340d2000
- mprotect(0x7f73340da000, 2093056, PROT_NONE) = 0
- mmap(0x7f73342d9000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x7000) = 0x7f73342d9000
- mmap(0x7f73342db000, 184768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f73342db000
- close(5) = 0
- mprotect(0x7f73342d9000, 4096, PROT_READ) = 0
- mprotect(0x7f7334513000, 4096, PROT_READ) = 0
- munmap(0x7f733c1c9000, 378490) = 0
- open("/lib64/security/pam_permit.so", O_RDONLY) = 5
- read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \6\0\0\0\0\0\0"..., 832) = 832
- fstat(5, {st_mode=S_IFREG|0755, st_size=5920, ...}) = 0
- mmap(NULL, 2101296, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x7f7333ed0000
- mprotect(0x7f7333ed1000, 2093056, PROT_NONE) = 0
- mmap(0x7f73340d0000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0) = 0x7f73340d0000
- close(5) = 0
- mprotect(0x7f73340d0000, 4096, PROT_READ) = 0
- read(4, "", 4096) = 0
- close(4) = 0
- munmap(0x7f733c285000, 4096) = 0
- open("/etc/pam.d/system-auth", O_RDONLY) = 4
- fstat(4, {st_mode=S_IFREG|0644, st_size=501, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c285000
- read(4, "auth\t\trequired\tpam_env.so \nauth\t"..., 4096) = 501
- read(4, "", 4096) = 0
- close(4) = 0
- munmap(0x7f733c285000, 4096) = 0
- open("/etc/pam.d/system-auth", O_RDONLY) = 4
- fstat(4, {st_mode=S_IFREG|0644, st_size=501, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c285000
- read(4, "auth\t\trequired\tpam_env.so \nauth\t"..., 4096) = 501
- open("/lib64/security/pam_cracklib.so", O_RDONLY) = 5
- read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\r\0\0\0\0\0\0"..., 832) = 832
- fstat(5, {st_mode=S_IFREG|0755, st_size=14288, ...}) = 0
- mmap(NULL, 2109664, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x7f7333ccc000
- mprotect(0x7f7333ccf000, 2093056, PROT_NONE) = 0
- mmap(0x7f7333ece000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x2000) = 0x7f7333ece000
- close(5) = 0
- open("/etc/ld.so.cache", O_RDONLY) = 5
- fstat(5, {st_mode=S_IFREG|0644, st_size=378490, ...}) = 0
- mmap(NULL, 378490, PROT_READ, MAP_PRIVATE, 5, 0) = 0x7f733c1c9000
- close(5) = 0
- open("/lib64/libcrack.so.2", O_RDONLY) = 5
- read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000=\0\0\0\0\0\0"..., 832) = 832
- fstat(5, {st_mode=S_IFREG|0755, st_size=39208, ...}) = 0
- mmap(NULL, 2149504, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x7f7333abf000
- mprotect(0x7f7333ac8000, 2093056, PROT_NONE) = 0
- mmap(0x7f7333cc7000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x8000) = 0x7f7333cc7000
- mmap(0x7f7333cc9000, 11392, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7333cc9000
- close(5) = 0
- open("/lib64/libz.so.1", O_RDONLY) = 5
- read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 $\0\0\0\0\0\0"..., 832) = 832
- fstat(5, {st_mode=S_IFREG|0755, st_size=88440, ...}) = 0
- mmap(NULL, 2183664, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x7f73338a9000
- mprotect(0x7f73338bd000, 2097152, PROT_NONE) = 0
- mmap(0x7f7333abd000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x14000) = 0x7f7333abd000
- close(5) = 0
- mprotect(0x7f7333abd000, 4096, PROT_READ) = 0
- mprotect(0x7f7333cc7000, 4096, PROT_READ) = 0
- mprotect(0x7f7333ece000, 4096, PROT_READ) = 0
- munmap(0x7f733c1c9000, 378490) = 0
- read(4, "", 4096) = 0
- close(4) = 0
- munmap(0x7f733c285000, 4096) = 0
- open("/etc/pam.d/system-auth", O_RDONLY) = 4
- fstat(4, {st_mode=S_IFREG|0644, st_size=501, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c285000
- read(4, "auth\t\trequired\tpam_env.so \nauth\t"..., 4096) = 501
- open("/lib64/security/pam_limits.so", O_RDONLY) = 5
- read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\22\0\0\0\0\0\0"..., 832) = 832
- fstat(5, {st_mode=S_IFREG|0755, st_size=18544, ...}) = 0
- mmap(NULL, 2113840, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x7f73336a4000
- mprotect(0x7f73336a8000, 2093056, PROT_NONE) = 0
- mmap(0x7f73338a7000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x3000) = 0x7f73338a7000
- close(5) = 0
- mprotect(0x7f73338a7000, 4096, PROT_READ) = 0
- read(4, "", 4096) = 0
- close(4) = 0
- munmap(0x7f733c285000, 4096) = 0
- open("/lib64/security/pam_xauth.so", O_RDONLY) = 4
- read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@\30\0\0\0\0\0\0"..., 832) = 832
- fstat(4, {st_mode=S_IFREG|0755, st_size=18720, ...}) = 0
- mmap(NULL, 2114016, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f733349f000
- mprotect(0x7f73334a3000, 2093056, PROT_NONE) = 0
- mmap(0x7f73336a2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x3000) = 0x7f73336a2000
- close(4) = 0
- mprotect(0x7f73336a2000, 4096, PROT_READ) = 0
- read(3, "", 4096) = 0
- close(3) = 0
- munmap(0x7f733c286000, 4096) = 0
- open("/etc/pam.d/other", O_RDONLY) = 3
- fstat(3, {st_mode=S_IFREG|0644, st_size=128, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c286000
- read(3, "auth required\tpam_deny.so\n"..., 4096) = 128
- open("/lib64/security/pam_deny.so", O_RDONLY) = 4
- read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@\5\0\0\0\0\0\0"..., 832) = 832
- fstat(4, {st_mode=S_IFREG|0755, st_size=5832, ...}) = 0
- mmap(NULL, 2101280, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f733329d000
- mprotect(0x7f733329e000, 2093056, PROT_NONE) = 0
- mmap(0x7f733349d000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0) = 0x7f733349d000
- close(4) = 0
- mprotect(0x7f733349d000, 4096, PROT_READ) = 0
- read(3, "", 4096) = 0
- close(3) = 0
- munmap(0x7f733c286000, 4096) = 0
- open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
- lseek(3, 0, SEEK_CUR) = 0
- fstat(3, {st_mode=S_IFREG|0644, st_size=3091, ...}) = 0
- mmap(NULL, 3091, PROT_READ, MAP_SHARED, 3, 0) = 0x7f733c286000
- lseek(3, 3091, SEEK_SET) = 3091
- munmap(0x7f733c286000, 3091) = 0
- close(3) = 0
- open("/etc/shells", O_RDONLY) = 3
- fstat(3, {st_mode=S_IFREG|0644, st_size=126, ...}) = 0
- fstat(3, {st_mode=S_IFREG|0644, st_size=126, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c286000
- read(3, "# /etc/shells: valid login shell"..., 4096) = 126
- read(3, "", 4096) = 0
- close(3) = 0
- munmap(0x7f733c286000, 4096) = 0
- rt_sigaction(SIGINT, {SIG_IGN, [INT], SA_RESTORER|SA_RESTART, 0x7f733b8fbe00}, {SIG_DFL, [], 0}, 8) = 0
- rt_sigaction(SIGQUIT, {SIG_IGN, [QUIT], SA_RESTORER|SA_RESTART, 0x7f733b8fbe00}, {SIG_DFL, [], 0}, 8) = 0
- getuid() = 0
- getuid() = 0
- open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
- lseek(3, 0, SEEK_CUR) = 0
- fstat(3, {st_mode=S_IFREG|0644, st_size=3091, ...}) = 0
- mmap(NULL, 3091, PROT_READ, MAP_SHARED, 3, 0) = 0x7f733c286000
- lseek(3, 3091, SEEK_SET) = 3091
- munmap(0x7f733c286000, 3091) = 0
- close(3) = 0
- geteuid() = 0
- open("/etc/shadow", O_RDONLY|O_CLOEXEC) = 3
- lseek(3, 0, SEEK_CUR) = 0
- fstat(3, {st_mode=S_IFREG|0600, st_size=2022, ...}) = 0
- mmap(NULL, 2022, PROT_READ, MAP_SHARED, 3, 0) = 0x7f733c286000
- lseek(3, 2022, SEEK_SET) = 2022
- munmap(0x7f733c286000, 2022) = 0
- close(3) = 0
- rt_sigaction(SIGINT, {SIG_DFL, [INT], SA_RESTORER|SA_RESTART, 0x7f733b8fbe00}, {SIG_IGN, [INT], SA_RESTORER|SA_RESTART, 0x7f733b8fbe00}, 8) = 0
- rt_sigaction(SIGQUIT, {SIG_DFL, [QUIT], SA_RESTORER|SA_RESTART, 0x7f733b8fbe00}, {SIG_IGN, [QUIT], SA_RESTORER|SA_RESTART, 0x7f733b8fbe00}, 8) = 0
- open("/etc/login.defs", O_RDONLY) = 3
- fstat(3, {st_mode=S_IFREG|0644, st_size=10447, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c286000
- read(3, "#\n# /etc/login.defs - Configurat"..., 4096) = 4096
- read(3, "ogin configuration initializatio"..., 4096) = 4096
- read(3, "HA512.\n#\n# Define the number of "..., 4096) = 2255
- read(3, "", 4096) = 0
- close(3) = 0
- munmap(0x7f733c286000, 4096) = 0
- open("/etc/localtime", O_RDONLY) = 3
- fstat(3, {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0
- fstat(3, {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c286000
- read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\f\0\0\0\f\0\0\0\0"..., 4096) = 2945
- lseek(3, -1863, SEEK_CUR) = 1082
- read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\r\0\0\0\r\0\0\0\0"..., 4096) = 1863
- close(3) = 0
- munmap(0x7f733c286000, 4096) = 0
- getpid() = 14046
- socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 3
- connect(3, {sa_family=AF_FILE, sun_path="/dev/log"}, 110) = -1 EPROTOTYPE (Protocol wrong type for socket)
- close(3) = 0
- socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC, 0) = 3
- connect(3, {sa_family=AF_FILE, sun_path="/dev/log"}, 110) = 0
- sendto(3, "<86>Jul 22 23:38:05 su[14046]: S"..., 66, MSG_NOSIGNAL, NULL, 0) = 66
- sendto(3, "<86>Jul 22 23:38:05 su[14046]: +"..., 58, MSG_NOSIGNAL, NULL, 0) = 58
- setgid(1970) = 0
- open("/proc/sys/kernel/ngroups_max", O_RDONLY) = 4
- read(4, "65536\n", 31) = 6
- close(4) = 0
- socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
- connect(4, {sa_family=AF_FILE, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
- close(4) = 0
- socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
- connect(4, {sa_family=AF_FILE, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
- close(4) = 0
- open("/etc/group", O_RDONLY|O_CLOEXEC) = 4
- lseek(4, 0, SEEK_CUR) = 0
- fstat(4, {st_mode=S_IFREG|0644, st_size=1558, ...}) = 0
- mmap(NULL, 1558, PROT_READ, MAP_SHARED, 4, 0) = 0x7f733c286000
- lseek(4, 1558, SEEK_SET) = 1558
- fstat(4, {st_mode=S_IFREG|0644, st_size=1558, ...}) = 0
- munmap(0x7f733c286000, 1558) = 0
- close(4) = 0
- setgroups(12, [1970, 7, 18, 19, 27, 80, 85, 100, 1003, 2000, 2006, 35]) = 0
- open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 4
- lseek(4, 0, SEEK_CUR) = 0
- fstat(4, {st_mode=S_IFREG|0644, st_size=3091, ...}) = 0
- mmap(NULL, 3091, PROT_READ, MAP_SHARED, 4, 0) = 0x7f733c286000
- lseek(4, 3091, SEEK_SET) = 3091
- munmap(0x7f733c286000, 3091) = 0
- close(4) = 0
- getrlimit(RLIMIT_CPU, {rlim_cur=RLIM64_INFINITY, rlim_max=RLIM64_INFINITY}) = 0
- getrlimit(RLIMIT_FSIZE, {rlim_cur=RLIM64_INFINITY, rlim_max=RLIM64_INFINITY}) = 0
- getrlimit(RLIMIT_DATA, {rlim_cur=RLIM64_INFINITY, rlim_max=RLIM64_INFINITY}) = 0
- getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
- getrlimit(RLIMIT_CORE, {rlim_cur=0, rlim_max=RLIM64_INFINITY}) = 0
- getrlimit(RLIMIT_RSS, {rlim_cur=RLIM64_INFINITY, rlim_max=RLIM64_INFINITY}) = 0
- getrlimit(RLIMIT_NPROC, {rlim_cur=63690, rlim_max=63690}) = 0
- getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
- getrlimit(RLIMIT_MEMLOCK, {rlim_cur=64*1024, rlim_max=64*1024}) = 0
- getrlimit(RLIMIT_AS, {rlim_cur=RLIM64_INFINITY, rlim_max=RLIM64_INFINITY}) = 0
- getrlimit(RLIMIT_LOCKS, {rlim_cur=RLIM64_INFINITY, rlim_max=RLIM64_INFINITY}) = 0
- getrlimit(RLIMIT_SIGPENDING, {rlim_cur=63690, rlim_max=63690}) = 0
- getrlimit(RLIMIT_MSGQUEUE, {rlim_cur=800*1024, rlim_max=800*1024}) = 0
- getrlimit(RLIMIT_NICE, {rlim_cur=0, rlim_max=0}) = 0
- getrlimit(RLIMIT_RTPRIO, {rlim_cur=0, rlim_max=0}) = 0
- getpriority(PRIO_PROCESS, 0) = 20
- open("/etc/security/limits.conf", O_RDONLY) = 4
- fstat(4, {st_mode=S_IFREG|0644, st_size=1825, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c286000
- read(4, "# /etc/security/limits.conf\n#\n#E"..., 4096) = 1825
- read(4, "", 4096) = 0
- close(4) = 0
- munmap(0x7f733c286000, 4096) = 0
- open("/etc/security/limits.d", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 4
- getdents(4, /* 2 entries */, 32768) = 48
- open("/usr/lib64/gconv/gconv-modules.cache", O_RDONLY) = 5
- fstat(5, {st_mode=S_IFREG|0644, st_size=26244, ...}) = 0
- mmap(NULL, 26244, PROT_READ, MAP_SHARED, 5, 0) = 0x7f733c280000
- close(5) = 0
- getdents(4, /* 0 entries */, 32768) = 0
- close(4) = 0
- setpriority(PRIO_PROCESS, 0, 0) = 0
- open("/etc/security/pam_env.conf", O_RDONLY) = 4
- fstat(4, {st_mode=S_IFREG|0644, st_size=2980, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c27f000
- read(4, "#\n# This is the configuration fi"..., 4096) = 2980
- read(4, "", 4096) = 0
- close(4) = 0
- munmap(0x7f733c27f000, 4096) = 0
- open("/etc/environment", O_RDONLY) = 4
- fstat(4, {st_mode=S_IFREG|0644, st_size=97, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c27f000
- read(4, "#\n# This file is parsed by pam_e"..., 4096) = 97
- read(4, "", 4096) = 0
- close(4) = 0
- munmap(0x7f733c27f000, 4096) = 0
- open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 4
- lseek(4, 0, SEEK_CUR) = 0
- fstat(4, {st_mode=S_IFREG|0644, st_size=3091, ...}) = 0
- mmap(NULL, 3091, PROT_READ, MAP_SHARED, 4, 0) = 0x7f733c27f000
- lseek(4, 3091, SEEK_SET) = 3091
- munmap(0x7f733c27f000, 3091) = 0
- close(4) = 0
- stat("/home/ystone/.pam_environment", 0x7fffd2603910) = -1 ENOENT (No such file or directory)
- getuid() = 0
- access("/var/run/utmpx", F_OK) = -1 ENOENT (No such file or directory)
- open("/var/run/utmp", O_RDONLY|O_CLOEXEC) = 4
- lseek(4, 0, SEEK_SET) = 0
- alarm(0) = 0
- rt_sigaction(SIGALRM, {0x7f733b9da040, [], SA_RESTORER, 0x7f733b8fbe00}, {SIG_DFL, [], 0}, 8) = 0
- alarm(10) = 0
- fcntl(4, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=0, len=0}) = 0
- read(4, "\2\0\0\0\0\0\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
- read(4, "\10\0\0\0\242\6\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
- read(4, "\1\0\0\0003N\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
- read(4, "\10\0\0\0~\n\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
- read(4, "\6\0\0\0\371\f\0\0tty2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
- read(4, "\6\0\0\0\373\f\0\0tty4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
- read(4, "\6\0\0\0\374\f\0\0tty5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
- read(4, "\6\0\0\0\370\f\0\0tty1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
- read(4, "\6\0\0\0\375\f\0\0tty6\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
- read(4, "\6\0\0\0\372\f\0\0tty3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
- read(4, "\7\0\0\0W\r\0\0tty7\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
- read(4, "", 384) = 0
- fcntl(4, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0
- alarm(0) = 10
- rt_sigaction(SIGALRM, {SIG_DFL, [], SA_RESTORER, 0x7f733b8fbe00}, NULL, 8) = 0
- close(4) = 0
- getuid() = 0
- sendto(3, "<86>Jul 22 23:38:05 su[14046]: p"..., 97, MSG_NOSIGNAL, NULL, 0) = 97
- open("/etc/security/pam_env.conf", O_RDONLY) = 4
- fstat(4, {st_mode=S_IFREG|0644, st_size=2980, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c27f000
- read(4, "#\n# This is the configuration fi"..., 4096) = 2980
- read(4, "", 4096) = 0
- close(4) = 0
- munmap(0x7f733c27f000, 4096) = 0
- open("/etc/environment", O_RDONLY) = 4
- fstat(4, {st_mode=S_IFREG|0644, st_size=97, ...}) = 0
- mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f733c27f000
- read(4, "#\n# This file is parsed by pam_e"..., 4096) = 97
- read(4, "", 4096) = 0
- close(4) = 0
- munmap(0x7f733c27f000, 4096) = 0
- open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 4
- lseek(4, 0, SEEK_CUR) = 0
- fstat(4, {st_mode=S_IFREG|0644, st_size=3091, ...}) = 0
- mmap(NULL, 3091, PROT_READ, MAP_SHARED, 4, 0) = 0x7f733c27f000
- lseek(4, 3091, SEEK_SET) = 3091
- munmap(0x7f733c27f000, 3091) = 0
- close(4) = 0
- stat("/home/ystone/.pam_environment", 0x7fffd2603910) = -1 ENOENT (No such file or directory)
- access("/usr/bin/xauth", X_OK) = 0
- getuid() = 0
- open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 4
- lseek(4, 0, SEEK_CUR) = 0
- fstat(4, {st_mode=S_IFREG|0644, st_size=3091, ...}) = 0
- mmap(NULL, 3091, PROT_READ, MAP_SHARED, 4, 0) = 0x7f733c27f000
- lseek(4, 3091, SEEK_SET) = 3091
- munmap(0x7f733c27f000, 3091) = 0
- close(4) = 0
- open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 4
- lseek(4, 0, SEEK_CUR) = 0
- fstat(4, {st_mode=S_IFREG|0644, st_size=3091, ...}) = 0
- mmap(NULL, 3091, PROT_READ, MAP_SHARED, 4, 0) = 0x7f733c27f000
- lseek(4, 3091, SEEK_SET) = 3091
- munmap(0x7f733c27f000, 3091) = 0
- close(4) = 0
- getuid() = 0
- open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 4
- lseek(4, 0, SEEK_CUR) = 0
- fstat(4, {st_mode=S_IFREG|0644, st_size=3091, ...}) = 0
- mmap(NULL, 3091, PROT_READ, MAP_SHARED, 4, 0) = 0x7f733c27f000
- lseek(4, 3091, SEEK_SET) = 3091
- munmap(0x7f733c27f000, 3091) = 0
- close(4) = 0
- geteuid() = 0
- stat("/root/.xauth/export", 0x7fffd2603730) = -1 ENOENT (No such file or directory)
- setuid(1970) = 0
- close(3) = 0
- clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f733c2279d0) = 14047
- rt_sigprocmask(SIG_BLOCK, ~[RTMIN RT_1], NULL, 8) = 0
- rt_sigaction(SIGTERM, {0x4026b0, [], SA_RESTORER, 0x7f733b8fbe00}, NULL, 8) = 0
- rt_sigprocmask(SIG_UNBLOCK, [ALRM TERM], NULL, 8) = 0
- wait4(-1, bash: /home/ystone/.bashrc: Permission non accordée
- ystone@JANUS /root $
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement