Let's say you want to find out who kicked off the most memory consuming process using root.
1) open top.
2) sort by mem by pressing >
3) write down the pid
4) sudo vim /proc/<pid>/environ , you will find the the user in: SUDO_USER='\<user\>'
There are some other ways: http://unix.stackexchange.com/questions/7334/using-top-to-see-processes-run-by-a-user-on-behalf-of-sudo
No comments:
Post a Comment