Two of our Apache servers remounted root filesystem as read-only

[Brazen]

Two of our Apache web server decided to remount their filesystems as read-only. I rebooted them and they are fine, but I'm a little concerned on why they would both do it at the same time.

The odd thing is, one is in a dmz available from the internet and the other is only accessible internally. It's not even accessible from the other web server.

I just thought I would throw it out there to see if anybody had heard of this being an indication of hacker activity.

 

[Nothinman]

That's what the ext3 driver does by default when it detects a problem with the filesystem so it's usually an indication of a problem with the disk or memory.

 

[kedlav]

Common bug with RHEL Virtual Machines as well.

 

[Brazen]

Originally posted by: kedlav
Common bug with RHEL Virtual Machines as well.

They are both RHEL. Our RHEL vsftpd server just did the same thing yesterday, too. Odd though that these have been in place for 6 months or more without a problem.

 

[DaiShan]

As was previously stated, ext3 will do that to if you it runs into an issue. Does dmesg or /var/log/messages show any ext3 errors? I had a box that was giving me fits, with the same issue, finally did a memory scan and turned up a bad stick, go figure.

 

[kedlav]

Originally posted by: Brazen

Originally posted by: kedlav
Common bug with RHEL Virtual Machines as well.

They are both RHEL. Our RHEL vsftpd server just did the same thing yesterday, too. Odd though that these have been in place for 6 months or more without a problem.

Yea, this shit just cropped up at work after six to nine months. No idea what kicked off the problem, but within two weeks, every RHEL VM started doing this. Check the following KB article to see if you're up the same creek:

http://kb.vmware.com/selfservi...layKC&externalId=51306