pandora?!

Hello,

Does anyone know what this is please. I've never seen a proc called pandora running?!

SunOS xxxxx 5.10 Generic_118822-25 sun4u sparc SUNW,Sun-Fire-V210

/usr/ucb/ps/wwaux:

lp20364 0.0 0.1 1888 424 ?SMar 23 0:00 lpadmin

root21707 0.0 0.8 4616 3624 ?SMar 29 1:18 /usr/lib/inet/inetd start

root21827 0.0 0.2 1928 984 ?SMar 29 0:00./pandora

truss -p 21827:

accept(3, 0xFFBFFD38, 0xFFBFFD2C, SOV_DEFAULT) (sleeping...)

pfiles 21827:

21827: ./pandora

Current rlimit: 256 file descriptors

0: S_IFCHR mode:0666 dev:317,0 ino:6815752 uid:0 gid:3 rdev:13,2

O_RDWR

/devices/pseudo/mm@0:null

1: S_IFCHR mode:0666 dev:317,0 ino:6815752 uid:0 gid:3 rdev:13,2

O_RDWR

/devices/pseudo/mm@0:null

2: S_IFCHR mode:0666 dev:317,0 ino:6815752 uid:0 gid:3 rdev:13,2

O_RDWR

/devices/pseudo/mm@0:null

3: S_IFSOCK mode:0666 dev:323,0 ino:8389 uid:0 gid:0 size:0

O_RDWR

SOCK_STREAM

SO_SNDBUF(49152),SO_RCVBUF(49152)

sockname: AF_INET 0.0.0.0port: 56656

telnet 0 56656:

bash-3.00# truss -p 21827

accept(3, 0xFFBFFD38, 0xFFBFFD2C, SOV_DEFAULT) (sleeping...)

^Cbash-3.00# truss -p 21827

accept(3, 0xFFBFFD38, 0xFFBFFD2C, SOV_DEFAULT) (sleeping...)

accept(3, 0xFFBFFD38, 0xFFBFFD2C, SOV_DEFAULT) = 4

fork1()= 1336

lwp_sigmask(SIG_SETMASK, 0x00000000, 0x00000000) = 0xFFBFFEFF [0x0000FFFF]

close(4)= 0

accept(3, 0xFFBFFD38, 0xFFBFFD2C, SOV_DEFAULT) (sleeping...)

Received signal #18, SIGCLD, in accept() [caught]

siginfo: SIGCLD CLD_EXITED pid=1336 status=0x0000

accept(3, 0xFFBFFD38, 0xFFBFFD2C, SOV_DEFAULT) Err#4 EINTR

schedctl() = 0xFF170000

lwp_sigmask(SIG_SETMASK, 0x00000000, 0x00000000) = 0xFFBFFEFF [0x0000FFFF]

sigaction(SIGCLD, 0xFFBF7210, 0xFFBF72B0)= 0

waitid(P_ALL, 0, 0xFFBF7210, WEXITED|WTRAPPED|WNOHANG) = 0

setcontext(0xFFBF7200)

accept(3, 0xFFBFFD38, 0xFFBFFD2C, SOV_DEFAULT) (sleeping...)

Find command does not find it?! Also, I had to replace /usr/ucb/ps with a copy from another server as the binary was exactly the same as the ps in /usr/sbin.

/usr/sbin/ps -ef does not list a process, /usr/ucb/ps wwaux does?!?!

What is this? Where do I look for it?

Any help greatly appreciated

Thanks

[2432 byte] By [darko15a] at [2007-11-27 2:57:41]