Linux – /usr/bin/random using a lot of CPU


Using QNX 6.4.1, there is a command called pidin times that shows information about processes. I think it means PID INformation. Among other things, you can see how much CPU a process has used since it was started.

I have a system that is showing almost 2 minutes of processor utilization for /usr/sbin/random after the system has been running for about 10 hours. That seems like a lot, as nothing in my code calls /usr/sbin/random.

There is a lot of network activity (UDP and TCP) right now though, so I'm wondering if the network driver is calling random to get dynamic collision backoff times because of packet collisions.

Could this theory be correct? (Okay, how plausible is it?) If not, is there something else I should check? There are currently latency problems with this system that did not exist yesterday and I'd like to find out what's going on. This particular clue may help isolate the problem.


Update

Further investigation using nicinfo revealed no packet collisions at all. So there goes my dynamic collision backoff time theory. Any other ideas?


Another Update

While this helped me find the answer to my problem (SSHD was using random, of course!!), be careful. If you use SSH, it needs a working random to allow you to log on. For some reason, the call in my script to random.old didn't work, and I just about bricked my embedded system. So be careful.

Best Answer

Crazy troubleshooting idea: make a honeypot / poor-man's process accounting.

  1. Make a backup of /usr/bin/random

    cp -p /usr/bin/random /usr/bin/random.bak
    
  2. touch /tmp/who_is_calling_random.log ; chmod 622 /tmp/who_is_calling_random.log

  3. Replace /usr/bin/random with this shell script (note you can use a different path than /tmp if you need to, but make sure it's world writable).

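    #!/bin/sh
    # Log timestamp, user, this wrapper's PID, the caller's PID and the arguments.
    echo "$(date) $USER $$ $PPID $*" >> /tmp/who_is_calling_random.log
    # Hand off to the real binary with the original arguments.
    exec /usr/bin/random.bak "$@"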
    
  4. chmod 755 /usr/bin/random

  5. Reboot the system.

  6. See what gathers in the honeypot log. This should be a log of who/what is behind the use of the random program.

    tail -f /tmp/who_is_calling_random.log
    
  7. Restore random from the backup you made in step #1.

  8. Reboot system.
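
The question's second update reports the wrapper's call to the renamed binary failing, which on a system that needs the program for SSH logins can lock you out. The following is an added example, not part of the original answer: it installs the same kind of logging wrapper, smoke-tests it, and restores the original if the wrapped program no longer behaves the same. The function names `install_wrapper` and `restore_wrapped` and the `ppid=` log field are hypothetical, and it assumes the program exits promptly when run with the smoke-test arguments you pass.

```shell
#!/bin/sh
# Added example (not from the original answer). Installs the logging wrapper,
# smoke-tests it, and rolls back automatically if the wrapped program breaks.
# Usage: install_wrapper TARGET LOGFILE [SMOKE_TEST_ARGS...]
install_wrapper() {
    target=$1 log=$2; shift 2
    bak="$target.bak" tmp="$target.new.$$"
    [ -x "$target" ] || { echo "not executable: $target" >&2; return 2; }
    if [ -e "$bak" ]; then echo "refusing to overwrite $bak" >&2; return 2; fi

    # Reference exit status from the untouched binary.
    want_rc=0; "$target" "$@" >/dev/null 2>&1 || want_rc=$?

    # Steps 1-2 of the answer: backup and log file.
    cp -p "$target" "$bak" || return 2
    touch "$log" && chmod 622 "$log" || { rm -f "$bak"; return 2; }
    before=$(($(wc -l < "$log")))

    # Steps 3-4: build the wrapper beside the target, then rename it into
    # place so the path never holds a half-written script.
    cat > "$tmp" <<EOF
#!/bin/sh
echo "\$(date) user=\${USER:-unknown} pid=\$\$ ppid=\$PPID args=\$*" >> "$log"
exec "$bak" "\$@"
EOF
    if ! { chmod 755 "$tmp" && mv -f "$tmp" "$target"; }; then
        rm -f "$tmp"; restore_wrapped "$target"; return 1
    fi

    # Smoke test: same exit status as before, and a new log line appeared.
    got_rc=0; "$target" "$@" >/dev/null 2>&1 || got_rc=$?
    after=$(($(wc -l < "$log")))
    if [ "$got_rc" -ne "$want_rc" ] || [ "$after" -le "$before" ]; then
        restore_wrapped "$target"
        echo "wrapper failed smoke test; $target restored" >&2
        return 1
    fi
}

# Step 7 of the answer: put the original binary back.
restore_wrapped() {
    [ -e "$1.bak" ] && mv -f "$1.bak" "$1"
}
```

A program that checks the name it was invoked under sees the `.bak` name once wrapped; the smoke test catches that case and the rollback leaves the original in place.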