Hi
Recently I experienced a problem on one of user-desktop machine (centos5.2), when a user(with all access) deleted the file /var/log/messages to free some space (as df -h was showing /var 100% full), but still df -h shows 100% full.
It takes around 10 min to figure out the problem. To resolve it, I just reloaded the syslog service. ( I was luck that user told me what he did before, otherwise I am sure it will take min of 1 to 2 hour )
I want to know that is there any way to get perfect details of such misguiding output. (one i know is fuser, but i didn't find it's helpful).
To be more specific about problem I want to know ,Is there any way in Linux(centos) to do the following :-
--Remove/reload/wipe process who's ps output comes with D+ stat
--How to trace running script/process , were it is blocked/hold (basically exact line of script)
--process/users details of using resource ( disk partition, memory, files, etc) .
--
Thanks
ALOK PANDEY
