I’ve noticed that on one of our GitLab dedicated servers we have a process that is continually killed in this manner:
[133352.690471] Out of memory: Killed process 322523 (JavaUpdate) total-vm:2592964kB, anon-rss:1234480kB, file-rss:0kB, 0
[134915.125189] Out of memory: Killed process 326228 (JavaUpdate) total-vm:2592964kB, anon-rss:1225240kB, file-rss:0kB, 0
[136482.693904] Out of memory: Killed process 329886 (JavaUpdate) total-vm:2592964kB, anon-rss:1483172kB, file-rss:0kB, 0
[138044.659131] Out of memory: Killed process 333693 (JavaUpdate) total-vm:2592964kB, anon-rss:1335328kB, file-rss:0kB, 0
[139607.956198] Out of memory: Killed process 337348 (JavaUpdate) total-vm:2592964kB, anon-rss:1294408kB, file-rss:0kB, 0
[141169.571878] Out of memory: Killed process 341004 (JavaUpdate) total-vm:2592964kB, anon-rss:1247420kB, file-rss:0kB, 0
[142732.496049] Out of memory: Killed process 344652 (JavaUpdate) total-vm:2592964kB, anon-rss:1243192kB, file-rss:0kB, 0
[144296.258323] Out of memory: Killed process 348345 (JavaUpdate) total-vm:2592964kB, anon-rss:1228940kB, file-rss:0kB, 0
[145859.488904] Out of memory: Killed process 351991 (JavaUpdate) total-vm:2592964kB, anon-rss:1208612kB, file-rss:0kB, 0
This lead me to find this binary at: /var/tmp/.Javadoc/JavaUpdate
Is this a legitimately installed file by and for GitLab? If so, I’m curious about why Java would be trying to update for what could/should be a static installation of Java.
If not, we have no history of anyone installing Java on this server and using it (it’s not even in the Linux package list) and so this is a bit peculiar.