Centos – setroubleshootd excessive cpu and memory usage

centoscpu usageselinux

I have Centos 7 fresh install and I see setroubleshootd with high CPU usage. How can I fix this? What is this process doing?

Best Answer

First of all, you should not disable SELinux. So what could cause the high CPU usage of setroubleshootd.

Try to find out in which mode SELinux is running on the machine by typing sestatus. It should show several lines. The interesting parts are SELinux status: and Current Mode which are usually enabled and enforcing. If the current mode is permissive, then SELinux does not block anything but only logs it (good for troubleshooting).

Assuming SELinux is enabled and in in enforcing mode, now take a look at the log /var/log/audit/audit.log. I would recommend to use tail -f /var/log/audit/audit.log to see live changes of the file.

Because you have high CPU load of setroubleshootd I assume you have permanent changes/entries in the file, meaning something permanently violates the SELinux policy and the output could give you a first clue why.

For more in depth troubleshooting you could install setroubleshoot-server with yum install setroubleshoot-server. This package is a set of tools that can help you to find the real cause of the SELinux violation. Most of the time it happens when you added files to the system without setting the correct SELinux permissions or a process tries to access a non typical file or folder.

I would recommend you read this document about SELinux first and this document to get an overview and then look at documents like this for your distribution.

There is a bit of a learning curve with SELinux and too much for a simple answer, but I would never ever disable it on a public facing server.

Related Solutions

Shell – How to Find CPU and Memory Usage of Child Processes

the code

pgrep -P $(pgrep supervisord) | xargs ps -o %mem,%cpu,cmd -p | awk '{memory+=$1;cpu+=$2} END {print memory,cpu}'

will get only one child layer

if u want to search for all processes that were derived from a main pid, use this code ..

ps -o pid,ppid,pgid,comm,%cpu,%mem  -u {user name} | {grep PID_PRINCIPAL}

The pid of main processe is the PGID of child processes.

Linux – Debugging high (near total) CPU/memory usage of “Web Content” application on Linux Mint

this is a common problem causing nothing but the battery wasted energy decreasing unplugged operation time significantly.

the cause of the problem appears to be very simple: you may have too many tabs opened each having bulky and useless endless loops running java-scripts.

those java-scripts are usually not origin of the web site you are working with but an ad based 3rd parties from somewhere else trying to collect some info from your FFox session or just to display switching ads on a side.

the simple (but not unique) solution would be to install NoScript plugin - causing immediate effect - Web Content process CPU consumtion will decrease almost to 0%.

so keep NoScript installed on all your FFox'es and keep track on what domain you are actually allowing scripts from to be executed very carefully.

it's a good practice to allow only original domain scripts for permanent (a choice "allow") to have the web site you are visiting to display correctly all the useful information, but to keep side or extra domains only in "forbid" or "temporary allow" mode so the next FFox load will keep all these unwelcome scripts banned again.

Best Answer

Related Solutions

Shell – How to Find CPU and Memory Usage of Child Processes

Linux – Debugging high (near total) CPU/memory usage of “Web Content” application on Linux Mint

Related Question