Suspicious log message - stapsys ?

Issues related to applications and software problems

Suspicious log message - stapsys ?

Postby ivankovacevic » 2012/08/15 14:51:02

I've just (15.Aug) completed a bigger yum update. Afterwards I made a system shutdown and boot for some other reason and now I can see few log messages in /var/log/secure that I don't know what they are:

Aug 15 14:08:36 jupiter groupadd[6493]: group added to /etc/group: name=stapsys, GID=157
Aug 15 14:08:36 jupiter groupadd[6493]: group added to /etc/gshadow: name=stapsys
Aug 15 14:08:36 jupiter groupadd[6493]: new group: name=stapsys, GID=157
Aug 15 14:08:38 jupiter useradd[6503]: failed adding user 'mysql', data deleted
Aug 15 14:08:47 jupiter useradd[6532]: failed adding user 'tcpdump', data deleted

(jupiter is my hostname)

What is this stapsys ? and why did the process try to add mysql and tcpdump user (All of this happened during boot automatically)
Should i worry? Thanks in advance to anyone for some hint...
ivankovacevic
 
Posts: 1
Joined: 2012/08/15 14:42:18

Suspicious log message - stapsys ?

Postby TrevorH » 2012/08/15 17:49:09

stapsys is a user associated with the systemtap package. All those messages were probably produced during the yum update - many packages have pre and post install scripts that user useradd and groupadd to set up the users that they will run with.
User avatar
TrevorH
Forum Moderator
 
Posts: 9167
Joined: 2009/09/24 10:40:56
Location: Brighton, UK


Return to CentOS 6 - Software Support

Who is online

Users browsing this forum: No registered users and 8 guests