----- Original Message -----
Sent: Monday, September 18, 2006 6:40
PM
Subject: Re: [FreeBSD] acilista sshd'nin
baslamasi zaman aliyor
merhaba,
mount'dan sonra strace ciktisi soyle:
execve(0xbfbfe6e0,
[0xbfbfebd4], [/* 0 vars */]) = 0
mmap(0, 3920, PROT_READ|PROT_WRITE,
MAP_ANON, -1, 0) = 0x28093000
munmap(0x28093000,
3920)
= 0
__sysctl([...], 0x2808fc58, 0xbfbfe998, NULL, 0) = 0
mmap(0, 32768,
PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANON, -1, 0) =
0x28093000
issetugid(0)
= 0
open("/etc/libmap.conf", O_RDONLY) = -1
ENOENT (No such file or directory)
open("/var/run/ld-elf.so.hints",
O_RDONLY) = 3
read(3, "LD_TRACE_LOADED_OBJECTS_FMT1\0\t%o"..., 128) =
128
lseek(3, 128,
SEEK_SET)
= 128
read(3, "/lib:/usr/lib:/usr/lib/compat:/u"..., 106) = 106
close(3)
= 0
access("/lib/libssh.so.2",
F_OK) = -1 ENOENT (No such file or
directory)
access("/usr/lib/libssh.so.2", F_OK) =
0
open("/usr/lib/libssh.so.2", O_RDONLY) = 3
fstat(3, {st_mode=0,
st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\314\177"..., 4096) =
4096
mmap(0, 192512, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x2809b000
mprotect(0x280c7000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mprotect(0x280c7000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x280c8000,
4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x2d000) =
0x280c8000
mmap(0x280c9000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANON, -1, 0) =
0x280c9000
close(3)
= 0
access("/lib/libutil.so.4", F_OK) =
0
open("/lib/libutil.so.4", O_RDONLY) = 3
fstat(3, {st_mode=0, st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260-\0"..., 4096) =
4096
mmap(0, 49152, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x280ca000
mprotect(0x280d3000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mprotect(0x280d3000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x280d4000,
4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x9000) =
0x280d4000
mmap(0x280d5000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANON, -1, 0) = 0x280d5000
close(3)
= 0
access("/lib/libz.so.2",
F_OK) =
0
open("/lib/libz.so.2",
O_RDONLY) = 3
fstat(3,
{st_mode=0, st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\254\25"..., 4096) = 4096
mmap(0, 65536, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x280d6000
mprotect(0x280e4000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mprotect(0x280e4000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x280e5000,
4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0xe000) = 0x280e5000
close(3)
= 0
access("/lib/libwrap.so.3", F_OK) =
-1 ENOENT (No such file or directory)
access("/usr/lib/libwrap.so.3",
F_OK) = 0
open("/usr/lib/libwrap.so.3", O_RDONLY) = 3
fstat(3, {st_mode=0, st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260\36"..., 4096) =
4096
mmap(0, 32768, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x280e6000
mprotect(0x280eb000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mprotect(0x280eb000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x280ec000,
8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x5000) =
0x280ec000
close(3)
= 0
access("/lib/libpam.so.2",
F_OK) = -1 ENOENT (No such file or
directory)
access("/usr/lib/libpam.so.2", F_OK) =
0
open("/usr/lib/libpam.so.2", O_RDONLY) = 3
fstat(3, {st_mode=0,
st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\240\33"..., 4096) =
4096
mmap(0, 28672, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x280ee000
mprotect(0x280f3000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) = 0
mprotect(0x280f3000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x280f4000,
4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x5000) =
0x280f4000
close(3)
= 0
access("/lib/libgssapi.so.7", F_OK) = -1 ENOENT
(No such file or directory)
access("/usr/lib/libgssapi.so.7", F_OK) =
0
open("/usr/lib/libgssapi.so.7", O_RDONLY) = 3
fstat(3, {st_mode=0,
st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\234;\0"..., 4096) = 4096
mmap(0, 57344, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x280f5000
mprotect(0x28101000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mprotect(0x28101000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x28102000,
4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0xd000) = 0x28102000
close(3)
= 0
access("/lib/libkrb5.so.7", F_OK) =
-1 ENOENT (No such file or directory)
access("/usr/lib/libkrb5.so.7",
F_OK) = 0
open("/usr/lib/libkrb5.so.7", O_RDONLY) = 3
fstat(3, {st_mode=0, st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0|\317\0"..., 4096) =
4096
mmap(0, 229376, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x28103000
mprotect(0x28137000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mprotect(0x28137000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x28138000,
12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x34000) =
0x28138000
close(3)
= 0
access("/lib/libasn1.so.7", F_OK) =
-1 ENOENT (No such file or directory)
access("/usr/lib/libasn1.so.7",
F_OK) = 0
open("/usr/lib/libasn1.so.7", O_RDONLY) = 3
fstat(3, {st_mode=0, st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\364O\0"..., 4096) =
4096
mmap(0, 135168, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x2813b000
mprotect(0x2815a000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mprotect(0x2815a000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x2815b000,
4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x1f000) =
0x2815b000
close(3)
= 0
access("/lib/libcom_err.so.2", F_OK) = -1 ENOENT (No
such file or directory)
access("/usr/lib/libcom_err.so.2", F_OK) =
0
open("/usr/lib/libcom_err.so.2", O_RDONLY) = 3
fstat(3, {st_mode=0,
st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\310\10"..., 4096) =
4096
mmap(0, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x2815c000
mprotect(0x2815c000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mprotect(0x2815c000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x2815d000,
4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x1000) =
0x2815d000
close(3)
= 0
access("/lib/libroken.so.7", F_OK) = -1
ENOENT (No such file or directory)
access("/usr/lib/libroken.so.7",
F_OK) = 0
open("/usr/lib/libroken.so.7", O_RDONLY) = 3
fstat(3,
{st_mode=0, st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\2542\0"..., 4096) =
4096
mmap(0, 57344, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x2815e000
mprotect(0x2816a000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) = 0
mprotect(0x2816a000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x2816b000,
4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0xc000) =
0x2816b000
close(3)
= 0
access("/lib/libcrypto.so.3", F_OK) = 0
open("/lib/libcrypto.so.3", O_RDONLY) = 3
fstat(3,
{st_mode=0, st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p0\3\000"..., 4096) =
4096
mmap(0, 1011712, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x2816c000
mprotect(0x2824c000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mprotect(0x2824c000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x2824d000,
81920, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0xe0000) =
0x2824d000
mmap(0x28261000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANON, -1, 0) =
0x28261000
close(3)
= 0
access("/lib/libcrypt.so.2", F_OK) =
0
open("/lib/libcrypt.so.2", O_RDONLY) = 3
fstat(3,
{st_mode=0, st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\210\16"..., 4096) =
4096
mmap(0, 98304, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x28263000
mprotect(0x28268000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mprotect(0x28268000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x28269000,
4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x6000) =
0x28269000
mmap(0x2826a000, 69632, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANON, -1, 0) = 0x2826a000
close(3)
= 0
access("/lib/libc.so.5",
F_OK) =
0
open("/lib/libc.so.5",
O_RDONLY) = 3
fstat(3,
{st_mode=0, st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200\327"..., 4096) = 4096
mmap(0, 892928, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x2827b000
mprotect(0x2833b000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mprotect(0x2833b000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x2833c000,
20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0xc0000) = 0x2833c000
mmap(0x28341000, 81920, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANON, -1, 0) =
0x28341000
close(3)
= 0
access("/lib/libz.so.2",
F_OK) =
0
access("/lib/libgssapi.so.7", F_OK) = -1 ENOENT
(No such file or directory)
access("/usr/lib/libgssapi.so.7", F_OK) =
0
access("/lib/libkrb5.so.7", F_OK) =
-1 ENOENT (No such file or directory)
access("/usr/lib/libkrb5.so.7",
F_OK) = 0
access("/lib/libasn1.so.7",
F_OK) = -1 ENOENT (No such file or
directory)
access("/usr/lib/libasn1.so.7", F_OK) =
0
access("/lib/libcom_err.so.2", F_OK) = -1 ENOENT (No
such file or directory)
access("/usr/lib/libcom_err.so.2", F_OK) =
0
access("/lib/libmd.so.2",
F_OK) = 0
open("/lib/libmd.so.2", O_RDONLY) =
3
fstat(3, {st_mode=0, st_size=0, ...}) = 0
read(3,
"\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260\21"..., 4096) =
4096
mmap(0, 40960, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_NOCORE, 3, 0) =
0x28355000
mprotect(0x2835d000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mprotect(0x2835d000, 4096, PROT_READ|PROT_EXEC) = 0
mmap(0x2835e000,
4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x8000) =
0x2835e000
close(3)
= 0
access("/lib/libroken.so.7", F_OK) = -1
ENOENT (No such file or directory)
access("/usr/lib/libroken.so.7",
F_OK) = 0
access("/lib/libcrypto.so.3", F_OK)
= 0
access("/lib/libcrypt.so.2", F_OK) = 0
mmap(0, 3504, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) =
0x2835f000
munmap(0x2835f000,
3504)
= 0
mmap(0, 4760, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) =
0x2835f000
munmap(0x2835f000,
4760)
= 0
mmap(0, 1784, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) =
0x2835f000
munmap(0x2835f000,
1784)
= 0
mmap(0, 960, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) =
0x2835f000
munmap(0x2835f000,
960)
= 0
mmap(0, 1176, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) =
0x2835f000
munmap(0x2835f000,
1176)
= 0
mmap(0, 1056, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) =
0x2835f000
munmap(0x2835f000,
1056)
= 0
mmap(0, 1912, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) =
0x2835f000
munmap(0x2835f000,
1912)
= 0
mmap(0, 6368, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) =
0x2835f000
munmap(0x2835f000,
6368)
= 0
mmap(0, 2904, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) =
0x2835f000
munmap(0x2835f000,
2904)
= 0
mmap(0, 416, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) =
0x2835f000
munmap(0x2835f000,
416)
= 0
mmap(0, 2032, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) =
0x2835f000
munmap(0x2835f000,
2032)
= 0
mprotect(0x2816c000, 921600, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mmap(0, 22184, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) = 0x2835f000
munmap(0x2835f000,
22184)
= 0
mprotect(0x2816c000, 921600, PROT_READ|PROT_EXEC) = 0
mmap(0, 600,
PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) = 0x2835f000
munmap(0x2835f000,
600)
= 0
mprotect(0x2827b000, 790528, PROT_READ|PROT_WRITE|PROT_EXEC) =
0
mmap(0, 22024, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) =
0x2835f000
munmap(0x2835f000,
22024)
= 0
mprotect(0x2827b000, 790528, PROT_READ|PROT_EXEC) = 0
mmap(0, 752,
PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) = 0x2835f000
munmap(0x2835f000,
752)
= 0
syscall_416(0x4, 0xbfbfeae4, 0xbfbfeac4) = 0
sigprocmask(SIG_BLOCK,
NULL, []) = 0
syscall_416(0x4,
0xbfbfeac4, 0) = 0
sysarch(0x1,
0xbfbfeaf4)
= 17
sigprocmask(SIG_BLOCK, ~[ILL TRAP ABRT EMT FPE BUS SEGV SYS], []) =
0
sigprocmask(SIG_SETMASK, [], NULL) =
0
readlink("/etc/malloc.conf", 0xbfbfe1a0, 63) = -1 ENOENT (No such file or
directory)
issetugid(0x28282434)
= 0
mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANON, -1, 0) =
0x2835f000
break(0x8074000)
=
0
break(0x8075000)
= 0
geteuid(0)
= 0
setgroups(0, []