System/Kernel


[dwight@paper ~]$ file /bin/bash ; uname -a ; cat /etc/*release
/bin/bash: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=ebafb781bdd70ad0aea14f5a765a67a5519e4561, stripped
Linux paper 4.18.0-348.7.1.el8_5.x86_64 #1 SMP Wed Dec 22 13:25:12 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
CentOS Linux release 8.5.2111
NAME="CentOS Linux"
VERSION="8"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Linux 8"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-8"
CENTOS_MANTISBT_PROJECT_VERSION="8"
CentOS Linux release 8.5.2111
CentOS Linux release 8.5.2111

4.18.0-348.7.1.el8_5.x86_64 x86_64 CentOS Linux release 8.5.2111

Networks


[dwight@paper ~]$ netstat -antup4
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:48320         0.0.0.0:*               LISTEN      -                   
tcp        0      0 127.0.0.1:8000          0.0.0.0:*               LISTEN      2398/node           
tcp        0      0 127.0.0.1:33060         0.0.0.0:*               LISTEN      -                   
tcp        0      0 127.0.0.1:27017         0.0.0.0:*               LISTEN      -                   
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      -                   
tcp        0      0 192.168.122.1:53        0.0.0.0:*               LISTEN      -                   
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -                   
tcp        1      0 127.0.0.1:58264         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        1      0 127.0.0.1:33650         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        1      0 127.0.0.1:33370         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        1      0 127.0.0.1:60062         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        1      0 127.0.0.1:33680         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        0      0 127.0.0.1:33650         127.0.0.1:27017         ESTABLISHED -                   
tcp        0      0 127.0.0.1:27017         127.0.0.1:33652         ESTABLISHED -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33624         FIN_WAIT2   -                   
tcp        0      0 127.0.0.1:27017         127.0.0.1:33662         ESTABLISHED -                   
tcp        0      0 127.0.0.1:33652         127.0.0.1:27017         ESTABLISHED -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33668         ESTABLISHED -                   
tcp        1      0 127.0.0.1:33656         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        0      0 127.0.0.1:27017         127.0.0.1:33666         ESTABLISHED -                   
tcp        1      0 127.0.0.1:33416         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33680         FIN_WAIT2   -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33676         ESTABLISHED -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:56958         ESTABLISHED -                   
tcp        1      0 127.0.0.1:33620         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33632         TIME_WAIT   -                   
tcp        1      0 127.0.0.1:59858         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        1      0 127.0.0.1:33672         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:59358         ESTABLISHED -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33524         TIME_WAIT   -                   
tcp        0    804 10.10.11.143:22         10.10.14.3:54154        ESTABLISHED -                   
tcp        0      0 10.10.11.143:22         10.10.14.3:48980        ESTABLISHED -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33636         TIME_WAIT   -                   
tcp        0      0 127.0.0.1:33662         127.0.0.1:27017         ESTABLISHED -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33672         FIN_WAIT2   -                   
tcp        1      0 127.0.0.1:33612         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33644         TIME_WAIT   -                   
tcp        0      0 127.0.0.1:27017         127.0.0.1:33650         ESTABLISHED -                   
tcp        0      0 127.0.0.1:33672         127.0.0.1:27017         ESTABLISHED -                   
tcp        0      0 127.0.0.1:56960         127.0.0.1:48320         ESTABLISHED 2448/node           
tcp        0      0 127.0.0.1:33668         127.0.0.1:48320         ESTABLISHED -                   
tcp        0      0 127.0.0.1:33666         127.0.0.1:27017         ESTABLISHED -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33664         TIME_WAIT   -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33628         TIME_WAIT   -                   
tcp        0      0 127.0.0.1:56958         127.0.0.1:48320         ESTABLISHED 2398/node           
tcp        0      0 127.0.0.1:33646         127.0.0.1:27017         ESTABLISHED -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33650         FIN_WAIT2   -                   
tcp        0      0 127.0.0.1:59358         127.0.0.1:48320         ESTABLISHED 11027/node          
tcp        0      0 127.0.0.1:48320         127.0.0.1:33656         FIN_WAIT2   -                   
tcp        1      0 127.0.0.1:60152         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        1      0 127.0.0.1:32872         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33660         ESTABLISHED -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33616         TIME_WAIT   -                   
tcp        1      0 127.0.0.1:60070         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        0      0 127.0.0.1:33660         127.0.0.1:48320         ESTABLISHED -                   
tcp        0      0 127.0.0.1:33644         127.0.0.1:27017         ESTABLISHED -                   
tcp        0      0 127.0.0.1:27017         127.0.0.1:33644         ESTABLISHED -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:33652         TIME_WAIT   -                   
tcp        0      0 127.0.0.1:27017         127.0.0.1:33646         ESTABLISHED -                   
tcp        1      0 127.0.0.1:57352         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        1      0 127.0.0.1:33624         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        1      0 127.0.0.1:58236         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        0      0 127.0.0.1:33676         127.0.0.1:48320         ESTABLISHED -                   
tcp        1      0 127.0.0.1:33608         127.0.0.1:48320         CLOSE_WAIT  -                   
tcp        0      0 127.0.0.1:48320         127.0.0.1:56960         ESTABLISHED -                   
tcp        0      0 127.0.0.1:27017         127.0.0.1:33672         ESTABLISHED -                   
udp        0      0 192.168.122.1:53        0.0.0.0:*                           -                   
udp        0      0 0.0.0.0:67              0.0.0.0:*                           -                   
udp        0      0 0.0.0.0:38113           0.0.0.0:*                           -                   
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           -                   
udp        0      0 127.0.0.1:323           0.0.0.0:*                           -                   

127.0.0.1:48320 127.0.0.1:8000 127.0.0.1:33060 127.0.0.1:27017 127.0.0.1:3306 192.168.122.1:53

Users & Groups


[dwight@paper ~]$ cat /etc/passwd ; ls -lasht /home
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:65534:65534:Kernel Overflow User:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
systemd-coredump:x:999:997:systemd Core Dumper:/:/sbin/nologin
systemd-resolve:x:193:193:systemd Resolver:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
polkitd:x:998:996:User for polkitd:/:/sbin/nologin
geoclue:x:997:994:User for geoclue:/var/lib/geoclue:/sbin/nologin
rtkit:x:172:172:RealtimeKit:/proc:/sbin/nologin
qemu:x:107:107:qemu user:/:/sbin/nologin
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin
cockpit-ws:x:996:993:User for cockpit-ws:/:/sbin/nologin
pulse:x:171:171:PulseAudio System Daemon:/var/run/pulse:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/:/sbin/nologin
unbound:x:995:990:Unbound DNS resolver:/etc/unbound:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
gluster:x:994:989:GlusterFS daemons:/run/gluster:/sbin/nologin
chrony:x:993:987::/var/lib/chrony:/sbin/nologin
libstoragemgmt:x:992:986:daemon account for libstoragemgmt:/var/run/lsm:/sbin/nologin
saslauth:x:991:76:Saslauthd user:/run/saslauthd:/sbin/nologin
dnsmasq:x:985:985:Dnsmasq DHCP and DNS server:/var/lib/dnsmasq:/sbin/nologin
radvd:x:75:75:radvd user:/:/sbin/nologin
clevis:x:984:983:Clevis Decryption Framework unprivileged user:/var/cache/clevis:/sbin/nologin
pegasus:x:66:65:tog-pegasus OpenPegasus WBEM/CIM services:/var/lib/Pegasus:/sbin/nologin
sssd:x:983:981:User for sssd:/:/sbin/nologin
colord:x:982:980:User for colord:/var/lib/colord:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
setroubleshoot:x:981:979::/var/lib/setroubleshoot:/sbin/nologin
pipewire:x:980:978:PipeWire System Daemon:/var/run/pipewire:/sbin/nologin
gdm:x:42:42::/var/lib/gdm:/sbin/nologin
gnome-initial-setup:x:979:977::/run/gnome-initial-setup/:/sbin/nologin
insights:x:978:976:Red Hat Insights:/var/lib/insights:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/sbin/nologin
nginx:x:977:975:Nginx web server:/var/lib/nginx:/sbin/nologin
mongod:x:976:974:mongod:/var/lib/mongo:/bin/false
rocketchat:x:1001:1001::/home/rocketchat:/bin/bash
dwight:x:1004:1004::/home/dwight:/bin/bash
total 0
0 drwx------  11 dwight dwight 281 Feb  6  2022 dwight
0 dr-xr-xr-x. 17 root   root   244 Jan 17  2022 ..
0 drwxr-xr-x.  3 root   root    20 Jan 14  2022 .
[dwight@paper ~]$ cut -d: -f1 /etc/passwd | xargs -n1 id
uid=0(root) gid=0(root) groups=0(root)
uid=1(bin) gid=1(bin) groups=1(bin)
uid=2(daemon) gid=2(daemon) groups=2(daemon)
uid=3(adm) gid=4(adm) groups=4(adm)
uid=4(lp) gid=7(lp) groups=7(lp)
uid=5(sync) gid=0(root) groups=0(root)
uid=6(shutdown) gid=0(root) groups=0(root)
uid=7(halt) gid=0(root) groups=0(root)
uid=8(mail) gid=12(mail) groups=12(mail)
uid=11(operator) gid=0(root) groups=0(root)
uid=12(games) gid=100(users) groups=100(users)
uid=14(ftp) gid=50(ftp) groups=50(ftp)
uid=65534(nobody) gid=65534(nobody) groups=65534(nobody)
uid=81(dbus) gid=81(dbus) groups=81(dbus)
uid=999(systemd-coredump) gid=997(systemd-coredump) groups=997(systemd-coredump)
uid=193(systemd-resolve) gid=193(systemd-resolve) groups=193(systemd-resolve)
uid=59(tss) gid=59(tss) groups=59(tss)
uid=998(polkitd) gid=996(polkitd) groups=996(polkitd)
uid=997(geoclue) gid=994(geoclue) groups=994(geoclue)
uid=172(rtkit) gid=172(rtkit) groups=172(rtkit)
uid=107(qemu) gid=107(qemu) groups=107(qemu),36(kvm)
uid=48(apache) gid=48(apache) groups=48(apache)
uid=996(cockpit-ws) gid=993(cockpit-ws) groups=993(cockpit-ws)
uid=171(pulse) gid=171(pulse) groups=171(pulse)
uid=113(usbmuxd) gid=113(usbmuxd) groups=113(usbmuxd)
uid=995(unbound) gid=990(unbound) groups=990(unbound)
uid=32(rpc) gid=32(rpc) groups=32(rpc)
uid=994(gluster) gid=989(gluster) groups=989(gluster)
uid=993(chrony) gid=987(chrony) groups=987(chrony)
uid=992(libstoragemgmt) gid=986(libstoragemgmt) groups=986(libstoragemgmt)
uid=991(saslauth) gid=76(saslauth) groups=76(saslauth)
uid=985(dnsmasq) gid=985(dnsmasq) groups=985(dnsmasq)
uid=75(radvd) gid=75(radvd) groups=75(radvd)
uid=984(clevis) gid=983(clevis) groups=983(clevis),59(tss)
uid=66(pegasus) gid=65(pegasus) groups=65(pegasus)
uid=983(sssd) gid=981(sssd) groups=981(sssd)
uid=982(colord) gid=980(colord) groups=980(colord)
uid=29(rpcuser) gid=29(rpcuser) groups=29(rpcuser)
uid=981(setroubleshoot) gid=979(setroubleshoot) groups=979(setroubleshoot)
uid=980(pipewire) gid=978(pipewire) groups=978(pipewire)
uid=42(gdm) gid=42(gdm) groups=42(gdm)
uid=979(gnome-initial-setup) gid=977(gnome-initial-setup) groups=977(gnome-initial-setup)
uid=978(insights) gid=976(insights) groups=976(insights)
uid=74(sshd) gid=74(sshd) groups=74(sshd)
uid=70(avahi) gid=70(avahi) groups=70(avahi)
uid=72(tcpdump) gid=72(tcpdump) groups=72(tcpdump)
uid=27(mysql) gid=27(mysql) groups=27(mysql)
uid=977(nginx) gid=975(nginx) groups=975(nginx)
uid=976(mongod) gid=974(mongod) groups=974(mongod)
uid=1001(rocketchat) gid=1001(rocketchat) groups=1001(rocketchat)
uid=1004(dwight) gid=1004(dwight) groups=1004(dwight)

SUIDs


[dwight@paper ~]$ find / -perm -04000 -ls -type f 2>/dev/null
  8808796     40 -rwsr-xr-x   1  root     root        38680 May 11  2019 /usr/bin/fusermount
  9137365     80 -rwsr-xr-x   1  root     root        79496 Aug 18  2021 /usr/bin/chage
  8927896     84 -rwsr-xr-x   1  root     root        84104 Aug 18  2021 /usr/bin/gpasswd
  8927899     44 -rwsr-xr-x   1  root     root        43424 Aug 18  2021 /usr/bin/newgrp
  8931938     52 -rwsr-xr-x   1  root     root        50320 Jul 21  2021 /usr/bin/mount
  8931953     52 -rwsr-xr-x   1  root     root        50160 Jul 21  2021 /usr/bin/su
  8931956     36 -rwsr-xr-x   1  root     root        33544 Jul 21  2021 /usr/bin/umount
  9189665     68 -rwsr-xr-x   1  root     root        65904 Nov  8  2019 /usr/bin/crontab
  8988797     36 -rwsr-xr-x   1  root     root        33600 Apr  6  2020 /usr/bin/passwd
 10008560     36 -rws--x--x   1  root     root        33688 Jul 21  2021 /usr/bin/chfn
 10009158     28 -rws--x--x   1  root     root        25320 Jul 21  2021 /usr/bin/chsh
 10009623     64 -rwsr-xr-x   1  root     root        61688 May 11  2019 /usr/bin/at
  9716917    164 ---s--x--x   1  root     root       165488 Oct 25  2021 /usr/bin/sudo
  9454437     36 -rwsr-xr-x   1  root     root        34560 May 11  2019 /usr/bin/fusermount3
 13107699     12 -rwsr-xr-x   1  root     root        12136 Nov  8  2021 /usr/sbin/grub2-set-bootflag
 13285751     12 -rwsr-xr-x   1  root     root        12176 May  7  2021 /usr/sbin/pam_timestamp_check
 13285753     40 -rwsr-xr-x   1  root     root        37760 May  7  2021 /usr/sbin/unix_chkpwd
 13022988     48 -rws--x--x   1  root     root        45904 Aug 27  2021 /usr/sbin/userhelper
 13704484    196 -rwsr-xr-x   1  root     root       200408 Jul 30  2021 /usr/sbin/mount.nfs
   585816     20 -rwsr-xr-x   1  root     root        18016 May 11  2019 /usr/lib/polkit-1/polkit-agent-helper-1
 13285491     64 -rwsr-x---   1  root     dbus        63656 May  8  2021 /usr/libexec/dbus-1/dbus-daemon-launch-helper
  9189747     20 -rwsr-xr-x   1  root     root        16792 Dec 21  2021 /usr/libexec/qemu-bridge-helper
  9190025     60 -rwsr-x---   1  root     973         58584 Sep 10  2021 /usr/libexec/cockpit-session
  4750147    164 -rwsr-x---   1  root     sssd       163984 Dec 21  2021 /usr/libexec/sssd/krb5_child
  4627603     96 -rwsr-x---   1  root     sssd        97544 Dec 21  2021 /usr/libexec/sssd/ldap_child
  4750150     28 -rwsr-x---   1  root     sssd        25040 Dec 21  2021 /usr/libexec/sssd/proxy_child
  4627609     56 -rwsr-x---   1  root     sssd        55440 Dec 21  2021 /usr/libexec/sssd/selinux_child
  5742379     24 -rwsr-xr-x   1  root     root        21080 Feb  2  2021 /usr/libexec/spice-gtk-x86_64/spice-client-glib-usb-acl-helper
  9455310     16 -rwsr-xr-x   1  root     root        12520 Jun 10  2021 /usr/libexec/Xorg.wrap

SGIDs


[dwight@paper ~]$ find / -perm -02000 -ls -type f 2>/dev/null
     1876      0 drwxr-sr-x   3  root     systemd-journal       60 Jun  7 03:22 /run/log/journal
     1877      0 drwxr-s---   2  root     systemd-journal       60 Jun  7 03:22 /run/log/journal/a3fe8114a69e48d9a400c4ebb90d68b1
  8931965     24 -rwxr-sr-x   1  root     tty                21120 Jul 21  2021 /usr/bin/write
 10009857     48 -rwx--s--x   1  root     slocate            48552 May 11  2019 /usr/bin/locate
 13701061     24 -rwx--s--x   1  root     lock               21760 May 11  2019 /usr/sbin/lockdev
 13285501     16 -rwx--s--x   1  root     utmp               13344 May 10  2019 /usr/libexec/utempter/utempter
 13601321    448 -r-xr-sr-x   1  root     ssh_keys          455064 Jul 13  2021 /usr/libexec/openssh/ssh-keysign

Processes


[dwight@paper ~]$ ps -auxwww
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root           1  0.0  0.4 172860  8560 ?        Ss   03:22   0:06 /usr/lib/systemd/systemd --switched-root --system --deserialize 18
root         850  0.0  0.6  89520 11092 ?        Ss   03:22   0:00 /usr/lib/systemd/systemd-journald
root         886  0.0  0.4 119044  7508 ?        Ss   03:22   0:00 /usr/lib/systemd/systemd-udevd
root         995  0.0  0.1 150744  1916 ?        S<sl 03:22   0:00 /sbin/auditd
root         997  0.0  0.0  48560  1816 ?        S<   03:22   0:00 /usr/sbin/sedispatch
dbus        1025  0.0  0.2  84024  5092 ?        Ss   03:22   0:04 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
avahi       1026  0.0  0.2  85336  4424 ?        Ss   03:22   0:00 avahi-daemon: running [paper.local]
rtkit       1030  0.0  0.1 202852  3276 ?        SNsl 03:22   0:00 /usr/libexec/rtkit-daemon
root        1032  0.0  0.4 564504  8996 ?        Ssl  03:22   0:00 /usr/libexec/udisks2/udisksd
root        1035  0.0  0.3  79116  5788 ?        Ss   03:22   0:00 /usr/lib/systemd/systemd-machined
root        1038  0.0  0.2  50260  3708 ?        Ss   03:22   0:00 /usr/sbin/smartd -n -q never
root        1039  0.0  0.3  86204  5900 ?        Ss   03:22   0:00 /usr/bin/VGAuthService -s
root        1040  0.0  0.4 381740  7764 ?        Ssl  03:22   0:11 /usr/bin/vmtoolsd
polkitd     1044  0.0  0.8 1953364 16044 ?       Ssl  03:22   0:01 /usr/lib/polkit-1/polkitd --no-debug
root        1045  0.0  0.2 125020  3752 ?        Ssl  03:22   0:00 /usr/sbin/irqbalance --foreground
root        1047  0.0  0.4 219104  8008 ?        Ss   03:22   0:00 /usr/sbin/sssd -i --logger=files
root        1048  0.0  0.1  17792  2060 ?        Ss   03:22   0:00 /usr/sbin/mcelog --ignorenodev --daemon --foreground
root        1049  0.0  0.3 463028  6172 ?        Ssl  03:22   0:00 /usr/sbin/ModemManager
libstor+    1050  0.0  0.1  19740  1972 ?        Ss   03:22   0:00 /usr/bin/lsmd -d
root        1060  0.0  0.5 405040  9880 ?        Ssl  03:22   0:01 /usr/sbin/NetworkManager --no-daemon
avahi       1065  0.0  0.0  85208   268 ?        S    03:22   0:00 avahi-daemon: chroot helper
chrony      1075  0.0  0.1 151156  3440 ?        S    03:22   0:00 /usr/sbin/chronyd
root        1076  0.0  0.1  26244  2216 ?        S    03:22   0:00 /bin/bash /usr/sbin/ksmtuned
root        1090  0.1  0.5 228204 10140 ?        S    03:22   0:12 /usr/libexec/sssd/sssd_be --domain implicit_files --uid 0 --gid 0 --logger=files
root        1108  0.1  0.8 496532 15740 ?        Ssl  03:22   0:14 /usr/libexec/platform-python -Es /usr/sbin/tuned -l -P
root        1113  0.0  0.2  94472  4920 ?        Ss   03:22   0:00 /usr/sbin/sshd -D -oCiphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc -oMACs=hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512 -oGSSAPIKexAlgorithms=gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-,gss-gex-sha1-,gss-group14-sha1- -oKexAlgorithms=curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1 -oHostKeyAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com -oPubkeyAcceptedKeyTypes=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com -oCASignatureAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-256,rsa-sha2-512,ssh-rsa
root        1117  0.0  0.3 219124  7084 ?        Ss   03:22   0:00 php-fpm: master process (/etc/php-fpm.conf)
root        1124  0.0  1.6 229260 29960 ?        S    03:22   0:02 /usr/libexec/sssd/sssd_nss --uid 0 --gid 0 --logger=files
root        1128  0.0  0.1 101776  2372 ?        Ssl  03:22   0:00 /usr/sbin/gssproxy -D
root        1211  0.0  0.4 285276  9016 ?        Ss   03:22   0:00 /usr/sbin/httpd -DFOREGROUND
root        1215  0.0  0.3 211616  6632 ?        Ssl  03:22   0:01 /usr/sbin/rsyslogd -n
mongod      1225  0.9  3.8 1352980 70260 ?       Sl   03:22   1:49 /usr/bin/mongod -f /etc/mongod.conf
root        1237  0.0  0.4 331428  8548 ?        Ssl  03:22   0:05 /usr/libexec/accounts-daemon
root        1240  0.0  0.3  92624  6680 ?        Ss   03:22   0:00 /usr/lib/systemd/systemd-logind
root        1255  0.0  0.1  44004  2192 ?        Ss   03:22   0:00 /usr/sbin/atd -f
root        1261  0.0  0.1  36956  2804 ?        Ss   03:22   0:00 /usr/sbin/crond -n
root        1283  0.0  0.0  13660  1488 tty1     Ss+  03:22   0:00 /sbin/agetty -o -p -- \u --noclear tty1 linux
root        1285  0.0  0.2 126092  5056 ?        S    03:22   0:00 /usr/sbin/CROND -n
dwight      1347  0.0  0.3  89488  7224 ?        Ss   03:22   0:00 /usr/lib/systemd/systemd --user
dwight      1547  0.0  0.0 168584   472 ?        S    03:22   0:00 (sd-pam)
mysql       1591  0.7  2.1 1778092 39116 ?       Ssl  03:22   1:28 /usr/libexec/mysqld --basedir=/usr
dwight      1638  0.0  0.1 298156  3044 ?        Ssl  03:22   0:00 /usr/bin/pulseaudio --daemonize=no --log-target=journal
dwight      1639  0.0  0.1  12724  2224 ?        Ss   03:22   0:00 /bin/sh -c /home/dwight/bot_restart.sh >> /home/dwight/hubot/.hubot.log 2>&1
dwight      1642  0.0  0.1  12724  2404 ?        S    03:22   0:00 /bin/bash /home/dwight/bot_restart.sh
dwight      2039  0.0  0.2  76488  4772 ?        Ss   03:22   0:00 /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
dnsmasq     2113  0.0  0.0  73328  1268 ?        S    03:22   0:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
root        2114  0.0  0.0  73300   264 ?        S    03:22   0:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
rocketc+    2226  0.8 23.8 2623260 436776 ?      Ssl  03:22   1:38 /usr/local/bin/node /opt/Rocket.Chat/main.js
dwight      2396  0.0  0.1  12724  2648 ?        S    03:22   0:00 bash /home/dwight/hubot/start_bot.sh
dwight      2398  0.0  0.5 588936 10840 ?        Sl   03:22   0:02 node /home/dwight/hubot/node_modules/coffeescript/bin/coffee /home/dwight/hubot/node_modules/.bin/hubot -a rocketchat
dwight      2446  0.0  0.1  12724  2732 ?        S    03:23   0:00 bash /home/dwight/hubot/start_bot.sh
dwight      2448  0.0  2.0 630500 37172 ?        Sl   03:23   0:11 node /home/dwight/hubot/node_modules/coffeescript/bin/coffee /home/dwight/hubot/node_modules/.bin/hubot -a rocketchat
apache      2817  1.2  0.5 331164  9804 ?        S    03:28   2:23 php-fpm: pool www
apache      2849  1.3  0.6 331172 11156 ?        S    03:28   2:30 php-fpm: pool www
apache      2892  1.4  0.5 331176  9932 ?        S    03:29   2:44 php-fpm: pool www
apache      3283  1.2  0.6 331208 12024 ?        S    03:34   2:22 php-fpm: pool www
apache      3557  1.3  1.0 331084 19780 ?        S    03:39   2:21 php-fpm: pool www
apache      3562  1.3  0.9 331200 17288 ?        S    03:39   2:25 php-fpm: pool www
apache      3758  1.3  1.0 331012 20128 ?        S    03:42   2:27 php-fpm: pool www
apache      5758  0.0  0.3 298324  5676 ?        S    04:15   0:00 /usr/sbin/httpd -DFOREGROUND
apache      5759  0.0  0.3 299696  5976 ?        S    04:15   0:00 /usr/sbin/httpd -DFOREGROUND
apache      5760  0.5  0.6 1947088 11348 ?       Sl   04:15   0:51 /usr/sbin/httpd -DFOREGROUND
apache      5761  0.5  0.5 1815676 10736 ?       Sl   04:15   0:50 /usr/sbin/httpd -DFOREGROUND
apache      5762  0.5  0.5 1815808 10808 ?       Sl   04:15   0:43 /usr/sbin/httpd -DFOREGROUND
apache      5980  0.6  0.7 1815744 14180 ?       Sl   04:15   0:55 /usr/sbin/httpd -DFOREGROUND
apache      6511  1.3  0.7 330892 13700 ?        S    04:22   1:50 php-fpm: pool www
apache      6545  1.3  0.6 330756 11580 ?        S    04:23   1:50 php-fpm: pool www
apache      6623  1.3  0.5 330752  9448 ?        S    04:24   1:47 php-fpm: pool www
apache      6765  1.1  0.5 330644  9408 ?        S    04:26   1:33 php-fpm: pool www
dwight     11025  0.0  0.1  12724  2936 ?        S    05:37   0:00 bash /home/dwight/hubot/start_bot.sh
dwight     11027  0.0  2.0 632360 36772 ?        Sl   05:37   0:02 node /home/dwight/hubot/node_modules/coffeescript/bin/coffee /home/dwight/hubot/node_modules/.bin/hubot -a rocketchat
dwight     13754  0.0  0.3 313016  7040 ?        Ssl  06:21   0:00 /usr/libexec/gvfsd
dwight     13759  0.0  0.3 449608  6180 ?        Sl   06:21   0:00 /usr/libexec/gvfsd-fuse /run/user/1004/gvfs -f -o big_writes
root       14132  0.0  0.4 163784  8612 ?        Ss   06:26   0:00 sshd: dwight [priv]
dwight     14134  0.0  0.2 163784  4980 ?        S    06:26   0:00 sshd: dwight@pts/1
dwight     14135  0.0  0.2  25436  5236 pts/1    Ss   06:26   0:00 -bash
root       14631  0.0  0.4 163784  8536 ?        Ss   06:34   0:00 sshd: dwight [priv]
dwight     14633  0.0  0.2 163784  4724 ?        S    06:34   0:00 sshd: dwight@pts/0
dwight     14634  0.0  0.1  25436  3192 pts/0    Ss   06:34   0:00 -bash
dwight     14844  0.8  0.3  15796  5508 pts/0    S+   06:37   0:01 /bin/sh ./linpeas.sh
dwight     23222  0.0  0.0 169040   952 ?        Ss   06:39   0:00 gpg-agent --homedir /home/dwight/.gnupg --use-standard-socket --daemon
root       33113  0.0  0.0   7316   904 ?        S    06:39   0:00 sleep 60
dwight     37886  0.0  0.0   7316   800 ?        S    06:40   0:00 sleep 20s
dwight     38054  0.0  0.2  15796  4212 pts/0    S+   06:40   0:00 /bin/sh ./linpeas.sh
dwight     38055 58.5  0.1  30176  3484 pts/0    R+   06:40   0:01 find / ( -type f -or -type d ) -group dwight -perm -g=w ! -path /proc/* ! -path /sys/* ! -path /home/dwight/*
dwight     38056  0.0  0.0  12280  1160 pts/0    S+   06:40   0:00 grep -Ev \.tif$|\.tiff$|\.gif$|\.jpeg$|\.jpg|\.jif$|\.jfif$|\.jp2$|\.jpx$|\.j2k$|\.j2c$|\.fpx$|\.pcd$|\.png$|\.pdf$|\.flv$|\.mp4$|\.mp3$|\.gifv$|\.avi$|\.mov$|\.mpeg$|\.wav$|\.doc$|\.docx$|\.xls$|\.xlsx$|\.svg$
dwight     38057  0.0  0.1  25372  3496 pts/0    S+   06:40   0:00 awk -F/ {line_init=$0; if (!cont){ cont=0 }; $NF=""; act=$0; if (act == pre){(cont += 1)} else {cont=0}; if (cont < 5){ print line_init; } if (cont == "5"){print "#)You_can_write_even_more_files_inside_last_directory\n"}; pre=act }
dwight     38058  0.0  0.0   7328   956 pts/0    S+   06:40   0:00 head -n500
dwight     38059  0.0  0.2  61660  4088 pts/1    R+   06:40   0:00 ps -auxwww

/usr/lib/polkit-1/polkitd --no-debug /usr/bin/mongod -f /etc/mongod.conf /usr/sbin/crond -n

Cron & Systemd


[dwight@paper ~]$ crontab -l ; cat /etc/crontab ; systemctl list-timers
@reboot /home/dwight/bot_restart.sh >> /home/dwight/hubot/.hubot.log 2>&1
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
 
# For details see man 4 crontabs
 
# example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name  command to be executed
 
NEXT                         LEFT         LAST                         PASSED       UNIT                         ACTIVATES
Wed 2023-06-07 07:50:47 EDT  1h 7min left Wed 2023-06-07 06:36:52 EDT  6min ago     dnf-makecache.timer          dnf-makecache.service
Thu 2023-06-08 00:00:00 EDT  17h left     Wed 2023-06-07 03:22:25 EDT  3h 21min ago unbound-anchor.timer         unbound-anchor.service
Thu 2023-06-08 03:37:17 EDT  20h left     Wed 2023-06-07 03:37:17 EDT  3h 6min ago  systemd-tmpfiles-clean.timer systemd-tmpfiles-clean>
 
3 timers listed.
Pass --all to see loaded but inactive timers, too.
lines 1-7/7 (END)

Sudo Version


[dwight@paper ~]$ sudo -V
Sudo version 1.8.29
Sudoers policy plugin version 1.8.29
Sudoers file grammar version 46
Sudoers I/O plugin version 1.8.29

Sudo version 1.8.29

Glibc Version


[dwight@paper ~]$ ldd --version
ldd (GNU libc) 2.28
Copyright (C) 2018 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.

ldd (GNU libc) 2.28