Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Linux system hard drive suddenly fills up.

Posted on 2016-11-03
7
Medium Priority
?
39 Views
1 Endorsement
Last Modified: 2016-11-08
Hello,

I have a Linux box running as a router/firewall/Xeams firewall.  It has 146GB drive.  Up until about 2 weeks ago about 20GB was being used consistently.  All of the sudden the hard drive is getting full.  Xeams told me to run du -h . in the directory where Xeams is installed.  I do not see anything that is unusually large.

Please advise.

Have a great day,

Don
1
Comment
Question by:GEMCC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 29

Expert Comment

by:Dr. Klahn
ID: 41872429
Are you in a command line environment, or is a GUI desktop available?
0
 

Author Comment

by:GEMCC
ID: 41872439
Command.  I ran df -h and see /dev/md1 is utilizing 139GB but do not know what to do.
0
 
LVL 29

Expert Comment

by:Dr. Klahn
ID: 41872466
OK.  You will need to su to get reliable results.

Use the command "du -h 1" to print the disk usage for the directory you are in and those one level down.  On the left is the space taken up, on the right is the directory name.  Here is an example from my system.

root@www:/# cd /
root@www:/# du -h -d 1
6.0M    ./bin
4.7M    ./sbin
4.0K    ./media
4.0K    ./srv
92M     ./lib
4.0K    ./opt
310M    ./var
804K    ./home
0       ./dev
8.0K    ./mnt
16K     ./lost+found
1.5G    ./usr
34M     ./boot
48K     ./root
59M     ./www
3.0M    ./etc
1012K   ./run
0       ./tmp
0       ./proc
0       ./sys
2.0G    .

Open in new window


We see that the majority of the space, 1.5 GB, is under /usr.  Now begin a tedious process of going down one level, looking at that level, deciding if it is where the disk went, and repeating until eventually the location of the disk loss is found.

root@www:/# cd /usr
root@www:/usr# du -h -d 1
37M     ./bin
15M     ./sbin
179M    ./lib
28M     ./local
190M    ./share
4.0K    ./games
984M    ./src
22M     ./include
30M     ./libexec
1.5G    .

Open in new window


This is mostly system stuff with the exception of /local.  Back up one level, look at /var.  And so on.

I would start by looking in /var.  Logfiles can become enormous very rapidly.
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 
LVL 88

Expert Comment

by:rindi
ID: 41872557
What distro is it based on? are you running updates and not removing old kernel versions?

Xeams firewall seems to dump junk mails into the Quarantine, so if you get plenty of junk that would fill that up. So I'd suggest you check the Xeams firewall Quarantine settings.
1
 
LVL 80

Expert Comment

by:arnold
ID: 41872570
df -k

How your partitioned, the likely issue is that your logrotate did not sever the connection between a process and a LogFile into which it was writing, so while du does not reflect the space used, the file handle being active still reflects that space as in use.

You need to use lsof to locate a process attached to a large file. Restarting that process will release the space.

We're any changes made two to three weeks prior I.e. Logging firewall events, implementation of fail2ban?
0
 

Accepted Solution

by:
GEMCC earned 0 total points
ID: 41873285
1
 

Author Closing Comment

by:GEMCC
ID: 41878491
Issue resolved
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Backups and Disaster RecoveryIn this post, we’ll look at strategies for backups and disaster recovery.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Suggested Courses
Course of the Month11 days, 19 hours left to enroll

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question