kdevtmpfsi - how to find and delete that miner [closed]

我的梦境 提交于 2021-02-17 12:37:38

问题


I saw in my Linux (Ubuntu) server processes, called: kdevtmpfsi. It utilized 100% of all CPUs and RAM...

1) Tried to find a word in linux files:

find / -type f -exec grep -l "kdevtmpfsi" {} +

2) And found a file in the docker _data folder:

/var/lib/docker/volumes/d2076917e9f44b55d1fbfe2af6aca706f3cc52ca615e5f5de1ae1fdb4a040154/_data/kinsingj2BpMsGgCo

3) It is called like sha-ashed file: kinsingj2BpMsGgCo. So I removed it:

rm /var/lib/docker/volumes/d2076917e9f44b55d1fbfe2af6aca706f3cc52ca615e5f5de1ae1fdb4a040154/_data/kinsingj2BpMsGgCo

4) And restarted my server:

restart

But it doesn`t works. It copy new file in docker _data container and runs when docker starts...

Does anybody know what to do with it?


UPDATE:

We have killed that miner with dext steps:

  1. First of all - close redis ports on your server or add a password.
  2. Remove from crontab command with .sh instructions
  3. Delete hashed file from docker/{{volume}}/_data folder
  4. Delete tmp/kdevtmpfsi file

来源:https://stackoverflow.com/questions/59487096/kdevtmpfsi-how-to-find-and-delete-that-miner

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!