
Re: tiger: howto manage flood of `deleted files' alerts ???



On Mon, Jan 05, 2004 at 01:04:18AM -0600, Michael D Schleif wrote:
> I have been using tiger for nearly a year.  Several months ago, a new
> test was added in:
> 
>    /usr/lib/tiger/scripts/check_finddeleted
> 

I wrote this (probably too aggressive test) after reading one of Brian 
Hatch's excellent articles [1]. It's probably written in a very broad way 
(to catch all the culprits) but fires off in many common cases.

Since Tiger 3.2.1 provides an "ignore" mechanism (similar to logcheck's) 
you can add those common cases to your tiger.ignore file. In bug # 225112
I mention some common ones (in my case) which include the following regular 
expressions (for apache):

Server /usr/sbin/apache \(pid \d+\) is using deleted files
The parent process of server /usr/sbin/apache \(pid \d+\) is using deleted files
Program apache \(pid \d+, parent \d+\) is using a deleted file: .* /tmp/session_mm_apache0.sem \(deleted\)

I'm testing these to see if they could be included in the default 
tiger.ignore file. In any case I want to be cautious about adding these.

You can always also move that script so that it does not run too often. 
The default, which is every 8 hours, might be too much if you are running 
sid and upgrading often.

Regards

Javi

[1] In his Hacking Linux Exposed newsletter, more specifically: 
http://www.hackinglinuxexposed.com/articles/20020507.html
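
A way to check what the three apache patterns above would suppress before putting them in tiger.ignore. This is an added example, not part of the original message or of Tiger: the alert lines are constructed, and Python's re module with unanchored search is an assumption that may differ from how Tiger itself applies tiger.ignore.

```python
import re

# The three apache patterns quoted in the message above.
IGNORE_PATTERNS = [
    r"Server /usr/sbin/apache \(pid \d+\) is using deleted files",
    r"The parent process of server /usr/sbin/apache \(pid \d+\) is using deleted files",
    r"Program apache \(pid \d+, parent \d+\) is using a deleted file: "
    r".* /tmp/session_mm_apache0.sem \(deleted\)",
]

# Constructed alert lines (not real Tiger output; pids, owners and paths are made up).
SAMPLE_REPORT = [
    "Server /usr/sbin/apache (pid 412) is using deleted files",
    "The parent process of server /usr/sbin/apache (pid 412) is using deleted files",
    "Program apache (pid 415, parent 412) is using a deleted file: "
    "apache 415 www-data 5u REG 3,1 0 1234 /tmp/session_mm_apache0.sem (deleted)",
    "Program apache (pid 415, parent 412) is using a deleted file: "
    "apache 415 www-data 7u REG 3,1 0 5678 /var/tmp/upload.bin (deleted)",
    "Server /usr/sbin/sshd (pid 300) is using deleted files",
]


def classify(lines, patterns):
    """Return (line, index of first matching pattern or None) for each line."""
    compiled = [re.compile(p) for p in patterns]
    results = []
    for line in lines:
        hit = next((i for i, rx in enumerate(compiled) if rx.search(line)), None)
        results.append((line, hit))
    return results


def still_reported(lines, patterns):
    """Lines that no ignore pattern suppresses, i.e. what still reaches the report."""
    return [line for line, hit in classify(lines, patterns) if hit is None]


if __name__ == "__main__":
    for line, hit in classify(SAMPLE_REPORT, IGNORE_PATTERNS):
        tag = "KEPT   " if hit is None else f"IGNORED by pattern {hit + 1}"
        print(f"{tag}: {line}")
    # The first two patterns hide the per-server summary for apache whatever
    # the file is; only the third pattern is pinned to one known path, so the
    # per-file line for any other deleted file is still reported.
```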
