High CPU in the UNIX / Linux OS Agent processes can be generated by situations on the File Information attribute group when the predicate contains conditions on the "Checksum" or the "File_Content_Changed" attributes, and a very big file is present in one of the paths specified in the situation, or under the default root path ("/").
Files that are hundreds megabytes large can require several seconds for their checksum to be computed. In this timeframe the agent reaches 100% CPU utilization on a single processor.
The CPU spike and its duration is comparable to that produced by external commands like "cksum" run on the same files, so this can be considered normal behavior, but the issue at OS agent level is that this condition is more likely to occur in 6.30 FP4 respect to previous versions because all the files under the paths specified in the situation and under the root path get now evaluated.
The following UNIX / Linux OS agent versions are impacted:
6.30 FP4 (6.3.0-TIV-ITM-FP0004)
6.30 FP4 IF1 (126.96.36.199-TIV-ITM_UNIX-IF0001 / 188.8.131.52-TIV-ITM_LINUX-IF0001)
Stop running any situations on the File Information attribute group having the "Checksum" or the "File_Content_Changed" attributes in their definition, if you are noticing that they produce spikes in CPU consumption by the OS agent,
apply APAR IV71202 (UNIX) and IV71203 (LINUX) that introduce a new environment variable, KUX_CHECKSUM_LIMIT / KLZ_CHECKSUM_LIMIT, to limit the size of files to which the checksum algorithm can be applied. Default value is 100 (MBytes). Value 0 means "unlimited".
These APARs are going to be included in Interim Fix:
6.30 FP4 IF2 (184.108.40.206-TIV-ITM_UNIX-IF0002 / 220.127.116.11-TIV-ITM_LINUX-IF0002 )
and in Fix Pack:
6.30 FP5 (6.3.0-TIV-ITM-FP0005)
this info also available on the web site here: http://ibm.co/1C5zIQT