Rogue root 'emacs23' process
Binary package hint: emacs23
On my KUbuntu Lucid desktop, I occasionally see an emacs23 process run by the root and taking up 30% CPU or more. Here is an example with top:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
2031 root 30 10 32032 15m 4904 R 33.2 0.8 0:31.23 emacs23
Where is this coming from? I am the only user logged into the machine and sshd is disabled. Could it be a rootkit of some sort?
Question information
- Language:
- English Edit question
- Status:
- Solved
- For:
- Ubuntu emacs23 Edit question
- Assignee:
- No assignee Edit question
- Solved by:
- Davor Cubranic
- Solved:
- 2010-06-18
- Last query:
- 2010-06-18
- Last reply:
- 2010-06-03
This question was originally filed as bug #588808.
| Anders Kaseorg (andersk) said : | #1 |
Do you have the auctex package installed? You are probably just seeing /etc/cron.
| Anders Kaseorg (andersk) said : | #2 |
[repeating as an “Information Request”]
Do you have the auctex package installed? You are probably just seeing /etc/cron.
The "where is it coming from" part can be investigated from a ps(1) listing. Each process also lists its parent process ID; you should expect to see this job turn up as a child (or grandchild) of cron if Anders Kaseorg's hypothesis is correct.
The output from pstree(1) is easier to grasp than a raw ps(1) listing if you are not too familiar with the concepts.
| Davor Cubranic (cubranic) said : | #4 |
I do have auctex installed, so that's probably what it is. Thank you very much for the answer.
I haven't noticed this situation recently, but when I do I will check that the process's parent really is cron. Thanks for the tip, it hadn't occurred to me to look for that.
It's odd that this process would put such a load on the CPU, I never see Emacs do that when I run it interactively, but that's another issue entirely.
