Apache22 stopped, however I can still web into my box

Hi guys,

I am troubleshooting an issue I have at the moment. However, it seems that when I stop apache22 (/usr/local/etc/rc.d/apache22 stop)
I can still web into my box.

When I list the processes running I see:

Code:
[root@server-01 /usr/local/etc/rc.d]# ps aux
USER      PID %CPU %MEM   VSZ   RSS  TT  STAT STARTED      TIME COMMAND
root       11 200.0  0.0     0    32  ??  RL    4:44PM 185:32.22 [idle]
root        0  0.0  0.0     0   576  ??  DLs   4:44PM   0:00.83 [kernel]
root        1  0.0  0.0  2176   580  ??  ILs   4:44PM   0:00.11 /sbin/init --
root        2  0.0  0.0     0    16  ??  DL    4:44PM   0:00.10 [g_event]
root        3  0.0  0.0     0    16  ??  DL    4:44PM   0:02.42 [g_up]
root        4  0.0  0.0     0    16  ??  DL    4:44PM   0:01.80 [g_down]
root        5  0.0  0.0     0    16  ??  DL    4:44PM   0:00.00 [xpt_thrd]
root        6  0.0  0.0     0    16  ??  DL    4:44PM   0:00.00 [mpt_recovery0]
root        7  0.0  0.0     0     8  ??  DL    4:44PM   0:00.00 [sctp_iterator]
root        8  0.0  0.0     0    16  ??  DL    4:44PM   0:00.00 [pagedaemon]
root        9  0.0  0.0     0    16  ??  DL    4:44PM   0:00.00 [vmdaemon]
root       10  0.0  0.0     0    16  ??  DL    4:44PM   0:00.00 [audit]
root       12  0.0  0.0     0   304  ??  WL    4:44PM   0:33.54 [intr]
root       13  0.0  0.0     0    16  ??  DL    4:44PM   0:00.21 [yarrow]
root       14  0.0  0.0     0   512  ??  DL    4:44PM   0:00.10 [usb]
root       15  0.0  0.0     0    16  ??  DL    4:44PM   0:00.00 [pagezero]
root       16  0.0  0.0     0    16  ??  DL    4:44PM   0:00.10 [bufdaemon]
root       17  0.0  0.0     0    16  ??  DL    4:44PM   0:02.80 [syncer]
root       18  0.0  0.0     0    16  ??  DL    4:44PM   0:00.02 [vnlru]
root       19  0.0  0.0     0    16  ??  DL    4:44PM   0:00.38 [softdepflush]
root       20  0.0  0.0     0    16  ??  DL    4:44PM   0:00.00 [flowcleaner]
root       38  0.0  0.0     0   220  ??  DL    4:44PM   0:00.12 [zfskern]
root      123  0.0  0.0  2736  1072  ??  Is    4:44PM   0:00.00 adjkerntz -i
root      463  0.0  0.0  2180   652  ??  Is    4:44PM   0:00.01 /sbin/devd
root      572  0.0  0.0  5820  1748  ??  Ss    4:44PM   0:00.03 /usr/local/sbin/syslog-ng -p /var/run/syslog.pid
root      745  0.0  0.0 10824  2584  ??  Ss    4:44PM   0:00.14 /usr/sbin/ntpd -c /etc/ntp.conf -p /var/run/ntpd.pid -f /var/db/ntp
root      800  0.0  0.0 19988  4092  ??  Ss    4:44PM   0:00.04 /usr/local/sbin/nmbd -D -s /usr/local/etc/smb.conf
root      804  0.0  0.1 26892  6012  ??  Is    4:44PM   0:00.01 /usr/local/sbin/smbd -D -s /usr/local/etc/smb.conf
root      808  0.0  0.1 21084  4792  ??  Is    4:44PM   0:00.02 /usr/local/sbin/winbindd -s /usr/local/etc/smb.conf
root      818  0.0  0.1 26892  5936  ??  I     4:44PM   0:00.00 /usr/local/sbin/smbd -D -s /usr/local/etc/smb.conf
root      820  0.0  0.1 21084  4816  ??  I     4:44PM   0:00.00 /usr/local/sbin/winbindd -s /usr/local/etc/smb.conf
root      838  0.0  0.1 21092  5024  ??  I     4:44PM   0:00.01 /usr/local/sbin/winbindd -s /usr/local/etc/smb.conf
root      839  0.0  0.1 21084  4812  ??  I     4:44PM   0:00.00 /usr/local/sbin/winbindd -s /usr/local/etc/smb.conf
root      841  0.0  0.1 24820  6604  ??  S     4:44PM   0:08.10 /usr/local/sbin/snmpd -p /var/run/snmpd.pid
root      981  0.0  0.1 25108  4392  ??  Is    4:44PM   0:00.00 /usr/sbin/sshd
root      988  0.0  0.1 37040  5084  ??  Is    4:44PM   0:00.01 sshd: churchi [priv] (sshd)
churchi   991  0.0  0.1 37040  5172  ??  I     4:44PM   0:00.02 sshd: churchi@pts/0 (sshd)
root      993  0.0  0.0 11044  4172  ??  Ss    4:44PM   0:00.06 sendmail: accepting connections (sendmail)
smmsp     997  0.0  0.0 11044  3956  ??  Is    4:44PM   0:00.00 sendmail: Queue runner@00:30:00 for /var/spool/clientmqueue (sendma
root     1003  0.0  0.0  6920  1640  ??  Ss    4:44PM   0:00.01 /usr/sbin/cron -s
root     1030  0.0  0.0  7976  1448  ??  Is    4:44PM   0:00.00 /usr/sbin/inetd -wW -C 60
root     1085  0.0  0.1 32276 11964  ??  S     4:45PM   0:06.48 /usr/local/sbin/smbd -D -s /usr/local/etc/smb.conf
root     1092  0.0  0.1 37040  5228  ??  Is    4:47PM   0:00.01 sshd: churchi [priv] (sshd)
churchi  1095  0.0  0.1 37040  5292  ??  S     4:47PM   0:00.05 sshd: churchi@pts/1 (sshd)
root     1396  0.0  0.1 37040  5228  ??  Is    4:57PM   0:00.01 sshd: churchi [priv] (sshd)
churchi  1399  0.0  0.1 37040  5292  ??  I     4:57PM   0:00.53 sshd: churchi@pts/2 (sshd)
root     1462  0.0  0.1 37040  5228  ??  Is    5:03PM   0:00.01 sshd: churchi [priv] (sshd)
churchi  1465  0.0  0.1 37040  5292  ??  I     5:03PM   0:00.26 sshd: churchi@pts/3 (sshd)
root    47198  0.0  0.1 77112  7812  ??  Ss    5:13PM   0:00.15 /usr/local/sbin/httpd -DNOHTTPACCEPT
www     47208  0.0  0.1 77112  7888  ??  S     5:13PM   0:00.00 /usr/local/sbin/httpd -DNOHTTPACCEPT
www     47209  0.0  0.1 77112  7984  ??  I     5:13PM   0:00.01 /usr/local/sbin/httpd -DNOHTTPACCEPT
www     47210  0.0  0.1 77112  7884  ??  I     5:13PM   0:00.00 /usr/local/sbin/httpd -DNOHTTPACCEPT
www     47211  0.0  0.1 77112  7984  ??  I     5:13PM   0:00.01 /usr/local/sbin/httpd -DNOHTTPACCEPT
www     47212  0.0  0.1 77112  7980  ??  I     5:13PM   0:00.00 /usr/local/sbin/httpd -DNOHTTPACCEPT
root    78399  0.0  0.1 26916  6496  ??  S     6:09PM   0:00.00 /usr/local/sbin/smbd -D -s /usr/local/etc/smb.conf
root    78480  0.0  0.2 34488 15300  ??  Ss    6:21PM   0:00.00 /usr/local/bin/perl /usr/local/lib/webmin/miniserv.pl /usr/local/et
www     96759  0.0  0.1 77112  8040  ??  I     5:33PM   0:00.01 /usr/local/sbin/httpd -DNOHTTPACCEPT
mysql     859  0.0  0.0  7232  1840  v0- I     4:44PM   0:00.00 /bin/sh /usr/local/bin/mysqld_safe --defaults-extra-file=/var/db/my
mysql     908  0.0  0.3 60100 23712  v0- I     4:44PM   0:01.28 /usr/local/libexec/mysqld --defaults-extra-file=/var/db/mysql/my.cn
root     1057  0.0  0.0  5860  1288  v0  Is+   4:44PM   0:00.00 /usr/libexec/getty Pc ttyv0
root     1058  0.0  0.0  5860  1288  v1  Is+   4:44PM   0:00.00 /usr/libexec/getty Pc ttyv1
root     1059  0.0  0.0  5860  1288  v2  Is+   4:44PM   0:00.00 /usr/libexec/getty Pc ttyv2
root     1060  0.0  0.0  5860  1288  v3  Is+   4:44PM   0:00.00 /usr/libexec/getty Pc ttyv3
root     1061  0.0  0.0  5860  1288  v4  Is+   4:44PM   0:00.00 /usr/libexec/getty Pc ttyv4
root     1062  0.0  0.0  5860  1288  v5  Is+   4:44PM   0:00.00 /usr/libexec/getty Pc ttyv5
root     1063  0.0  0.0  5860  1288  v6  Is+   4:44PM   0:00.00 /usr/libexec/getty Pc ttyv6
root     1064  0.0  0.0  5860  1288  v7  Is+   4:44PM   0:00.00 /usr/libexec/getty Pc ttyv7
churchi   992  0.0  0.0  9200  2840   0  Is    4:44PM   0:00.00 -bash (bash)
root     1065  0.0  0.0 20636  2076   0  I     4:44PM   0:00.00 su
root     1066  0.0  0.0  9200  2988   0  I+    4:44PM   0:00.04 su (bash)
churchi  1096  0.0  0.0  9200  2932   1  Is    4:47PM   0:00.00 -bash (bash)
root     1097  0.0  0.0 20636  2076   1  I     4:47PM   0:00.00 su
root     1098  0.0  0.0  9200  2948   1  S     4:47PM   0:00.04 su (bash)
root    78499  0.0  0.0  6976  1464   1  R+    6:22PM   0:00.00 ps aux
churchi  1400  0.0  0.0  9200  2932   2  Is    4:57PM   0:00.00 -bash (bash)
root     1402  0.0  0.0 20636  2076   2  I     4:57PM   0:00.00 su
root     1403  0.0  0.0  9200  2948   2  I     4:57PM   0:00.02 su (bash)
root    78300  0.0  0.0 11296  3920   2  I+    6:01PM   0:00.02 nano httpd.conf
churchi  1466  0.0  0.0  9200  2932   3  Is    5:03PM   0:00.00 -bash (bash)
root     1467  0.0  0.0 20636  2076   3  I     5:03PM   0:00.00 su
root     1468  0.0  0.0  9200  2968   3  I+    5:03PM   0:00.03 su (bash)
[root@server-01 /usr/local/etc/rc.d]# 

[root@server-01 /usr/local/etc/rc.d]# ./apache22 stop
apache22 not running? (check /var/run/httpd.pid).
[root@server-01 /usr/local/etc/rc.d]#


Is there a way to find out which service is still serving up the http request?


Thanks
 
Good morning,

The command sockstat will give you all the information you need (pid, executable name, listening or active connections) to identify what is running on a specific port.

Use:
$ sockstat | grep :80

And you'll get an output like:
Code:
www      httpd      3919  3  tcp4 6 *:80                  *:*
www      httpd      3918  3  tcp4 6 *:80                  *:*
www      httpd      3918  13 tcp4   10.0.0.101:80         10.0.0.4:12867
www      httpd      3897  3  tcp4 6 *:80                  *:*
(...)

This example means:
  1. there are several httpd processes running under user www on PIDs 3919, 3918 and 3897 and listening on port 80.
  2. a connection is active from 10.0.0.4
If I wish to kill all of them I can:
# killall httpd
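
An added example, not part of any post in this thread: it reads sockstat-style output, lists each process holding a listening socket on an exact port (so :8080 is not counted as :80), and compares those PIDs with the rc script's pidfile, which is the situation in the first post where `apache22 stop` pointed at /var/run/httpd.pid while httpd was still running. The function names, the sample rows and the root parent PID 3890 are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): who is listening on a port, and does
# the rc script's pidfile account for them?
sample_sockstat() {   # constructed sample; on a live host pipe in `sockstat -l`
cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     httpd      3890  3  tcp4 6 *:80                  *:*
www      httpd      3918  3  tcp4 6 *:80                  *:*
www      httpd      3918  13 tcp4   10.0.0.101:80         10.0.0.4:12867
www      httpd      3919  3  tcp4 6 *:80                  *:*
root     perl       4100  5  tcp4   *:8080                *:*
root     sshd       981   4  tcp4   *:22                  *:*
EOF
}

# listeners PORT: read sockstat output on stdin and print
# "user command pid local-address" once per PID listening on exactly PORT.
listeners() {
    awk -v port="$1" '
        NF >= 6 && $NF == "*:*" {             # foreign address *:* => listening socket
            n = split($(NF-1), a, ":")        # local address, e.g. *:80 or 10.0.0.101:80
            if (a[n] == port && !seen[$3]++)  # exact port match, one line per PID
                print $1, $2, $3, $(NF-1)
        }'
}

# pidfile_status PIDFILE PID...: "missing" if the pidfile is absent or empty,
# "tracked" if its PID is one of the listeners, "stale" if it names another PID.
pidfile_status() {
    pidfile=$1; shift
    if [ ! -s "$pidfile" ]; then echo "missing"; return; fi
    want=$(head -n 1 "$pidfile")
    for p in "$@"; do
        if [ "$p" = "$want" ]; then echo "tracked"; return; fi
    done
    echo "stale"
}

# Demo on the constructed sample; the pidfile path here does not exist on purpose.
pids=$(sample_sockstat | listeners 80 | awk '{print $3}')
sample_sockstat | listeners 80
echo "pidfile: $(pidfile_status /nonexistent/httpd.pid $pids)"
```

A result of "missing" or "stale" means the rc script has nothing valid to signal, so the listeners have to be stopped by PID or name.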
 
If you installed Apache through ports or a fairly classic install process, you can use the apachectl command:

To stop your server:
# apachectl stop

When you edit httpd.conf, to restart it gracefully:
# apachectl graceful
 
Awesome thanks guys for the feedback. I have used the kill command to kill the process and it has not come back.

Appreciate the responses to my question.

Cheers
 