Knowledge Center Search


 

How Do I Shut Down Juniper Networks IDP Services and Unload the Kernel?

  [KB6799] Show KB Properties

  [KB6799] Hide KB Properties

Categories:
Knowledge Base ID: KB6799
Last Updated: 09 Jun 2010
Version: 3.0

Summary:
How Do I Shut Down Juniper Networks IDP Services and Unload the Kernel?

Problem or Goal:
IDP services will turn off, but kernel is still loaded and running

The user had attempted to shut down the IDP services and unload the kernel...how ever the kernel was busy, and did not unload. Then, when running "idp.sh status" you can see that the kernel mod is running, but the services all turned off.

In this scenario, if the kernel module is still running (after idp.sh stop), then the next step is to do "ps -auxw" and look for an instance of "sctop". If you see one, then kill its PID (kill -9 <pid#>), and then try to run "idp.sh stop" again, and look for "IDP kernel module is not running".


Solution:

To shut down the IDP services and unload the kernel, perform the following steps:

Open the Sensor Command Line Interface (CLI), and then enter the following command to determine the current status:
idp.sh status

[root@idp root]#
[root@idp root]# idp.sh status
Retrieving status...
using IDPDIR = /usr/idp
IDP kernel module is running
idpLogReader (pid 23386)...........................ON
slogd (pids 23469).................................ON
sciod (pid 23446)..................................ON
statusForwarder (pid 23492)........................ON
logForwarder (pid 23515)...........................ON
sessionFetcher (pid 23677).........................ON
dLogPurger (pid 23640).............................ON

To shut down the IDP services, enter idp.sh stop; press ENTER.

[root@idp root]# idp.sh stop
Stopping apps...
Stopped idpLogReader (pid 23386)
No pidfile for slogd
Stopped slogd (pid 23469)
Stopped dLogPurger (pid 23640)
using IDPDIR = /usr/idp
Stopping IDP kernel module...idp:
Device or resource busy
succeeded
[root@idp root]# idp.sh status
Retrieving status...
using IDPDIR = /usr/idp
IDP kernel module is running
idpLogReader.......................................off
slogd..............................................off
sciod..............................................off
statusForwarder....................................off
logForwarder.......................................off
sessionFetcher.....................................off
dLogPurger.........................................off
[root@idp root]#

The kernel may still be loaded and running (as in this example). If this happens, issue a ps -auxw command and look for an instance of sctop.

[root@idp root]# ps -auxw
USER       PID %CPU %MEM   VSZ  RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0  1416  508 ?        S    Oct21   0:07 init [3]
root         2  0.0  0.0     0    0 ?        SW   Oct21   0:00 [keventd]
root         3  0.0  0.0     0    0 ?        SWN  Oct21   0:00 [ksoftirqd_CPU0]
root         4  0.0  0.0     0    0 ?        SW   Oct21   0:00 [kswapd]
root         5  0.0  0.0     0    0 ?        SW   Oct21   0:00 [bdflush]
root         6  0.0  0.0     0    0 ?        SW   Oct21   0:00 [syslogd]
idp       2242  0.0  0.3 146736 3348 ?       S    Oct21   0:00 [guiDaemon]
idp       2293  0.0  0.3 146736 3348 ?       S    Oct21   0:00 [logWalker]
root      2440  0.0  1.1 15608 11440 ?       S    Oct21   0:02 /usr/sbi. n/httpd -
DHAVE_PERL -DHAVE_PROXY -DHAVE_SSL -DHAVE_ACCESS -DH
root      2458  0.0  0.0  1460  608 ?        S    Oct21   0:00 crond
root      2468  0.0  0.1  2316 1336 tty1     S    Oct21   0:00 [login]
root      2469  0.0  0.0  1388  436 tty2     S    Oct21   0:00 /sbin/mingetty tty2
root      2470  0.0  0.0  1388  436 tty3     S    Oct21   0:00 /sbin/mingetty tty3
root      2471  0.0  0.0  1388  436 tty4     S    Oct21   0:00 /sbin/mingetty tty4
root      2472  0.0  0.0  1388  436 tty5     S    Oct21   0:00 /sbin/mingetty tty5
root      2473  0.0  0.0  1388  436 tty6     S    Oct21   0:00 /sbin/mingetty tty6
root      2474  0.0  0.0  1396  488 ttyS0    S    Oct21   0:00 /sbin/agetty ttyS0 9600 vt100
admin     2979  0.0  0.1  2316 1208 tty1     S    Oct21   0:00 -bash
root      3030  0.0  0.1  3368 1144 ?        S    Oct21   0:00 [master]
postfix   3053  0.0  0.1  3412 1180 ?        S    Oct21   0:00 [nqmgr]
root      3066  0.0  0.1  2328 1160 tty1     S    Oct21   0:00 [su]
root      3086  0.0  0.1  2412 1324 tty1     S    Oct21   0:00 -bash
ntp      14026  0.0  0.1  1932 1924 ?        SL   Oct21   0:00 [ntpd]
root     14052  0.0  0.1  2672 1272 ?        S    Oct21   0:00 /usr/sbin/sshd
apache   23316  0.0  1.1 15608 11444 ?       S    04:02   0:00 [httpd]
apache   23317  0.0  1.1 15608 11444 ?       S    04:02   0:00 [httpd]

apache   23318  0.0  1.1 15608 11444 ?       S    04:02   0:00 [httpd]

root      3716  0.0  0.8 10216 9096 tty1    SL   13:11   0:00 sctop

admin     3852  0.0  0.1  2300 1196 pts/0    S    13:11   0:00 -bash
root      3901  0.0  0.1  2328 1160 pts/0    S    13:11   0:00 [su]
root      3919  0.0  0.1  2400 1296 pts/0    S    13:11   0:00 -bash
postfix   6876  0.0  0.1  3364 1136 ?        S    14:17   0:00 [pickup]
root     26777  0.0  0.0  1680  528 ?        S    14:55   0:00 sleep 3
root     26789  0.0  0.0  1680  528 ?        S    14:55   0:00 sleep 1
root     26790  0.0  0.0  2644  716 pts/0    R    14:55   0:00 ps -auxw

If you see an instance of sctop as seen in the example above, kill its PID and try to run idp.sh stop again. Verify that the IDP kernel module is not running message appears on the console.

The user had attempted to shut down the IDP services and unload the kernel; however, the kernel was busy and did not unload. Then, when running idp.sh status you can see that the kernel mod is running, but the services are turned off.

In this scenario, if the kernel module is still running (after idp.sh stop), the next step is to issue the ps -auxw command and look for an instance of sctop. If you see one, kill its PID (kill -9 ), try to run idp.sh stop again and look for IDP kernel module is not running.

[root@idp root]# kill -9 3716
[root@idp root]# idp.sh stop
Stopping apps...
No pidfile for idpLogReader
No pidfile for slogd
No pidfile for sciod
No pidfile for statusForwarder
No pidfile for logForwarder
No pidfile for sessionFetcher
No pidfile for dLogPurger
using IDPDIR = /usr/idp
Stopping IDP kernel module...succeeded

[root@idp root]# idp.sh status
Retrieving status...
using IDPDIR = /usr/idp
IDP kernel module is not running
idpLogReader......................................off
slogd.............................................off
sciod.............................................off
statusForwarder...................................off
logForwarder......................................off
sessionFetcher....................................off
dLogPurger........................................off
[root@idp root]#

Purpose:
Troubleshooting

Related Links:

 

 

ASK THE KB

Question or KB ID:


 


 

 
Copyright© 1999-2012 Juniper Networks, Inc. All rights reserved.