Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Changes to pkgacct to not backup all files

Discussion in 'General Discussion' started by alexheizer, Apr 6, 2009.

  1. alexheizer

    alexheizer Active Member

    Dec 17, 2003
    Likes Received:
    Trophy Points:
    Apparently, there were recent changes to the way WHM creates its pkgacct backups. If you have any files in account directories which are owned by anyone other than the account user, this affects you.

    Since this is a major change for many web hosters, I thought someone should alert everyone (cPanel evidently doesn't see this as a big deal).

    We noticed it because we only run a CMS on our servers, which run as the Apache user 'nobody'. Before the code change, all of the files located in a user directory would be backed up, including those owned by 'nobody'. Now, only those owned by the user get backed up. For us, this translates to only about 10% of a user's files (by volume).

    I've submitted a bug report, however, cPanel maintains that this was intentional for security reasons. Recommendations by them are to either reconfigure your servers to use suPHP/suEXEC or to custom program your own workaround to their program which used to work properly.


    Although the backup program is supposed to back up every file which is readable by the user (regardless of the owner), in my case it does not. They say they're considering options to also include files owned by the Apache user, 'nobody'.

    My opinion is that other programs handle security, a backup program's sole function should be to back up every file located in the source directory just as it appears there. A backup program should not make security judgements, since as a hosting provider I may change permissions or add files to an account based on my own policies. Because of my configuration I need a backup program to copy and archive every file located in a directory so that I can rescue an account or move it to another server as quickly as possible, and omitting files may cause me to lose one or more customers in case of hardware failure.

    If you use WHM because you are a Web Hoster who needs to Manage the server (which is why you have Web Host Manager in the first place) please let the cPanel people know that you need your data backed up safely and completely, and that you have other programs which will be able to keep your server secure! They do listen to their customers, so if you need your data safe let them know you do!
    #1 alexheizer, Apr 6, 2009
    Last edited: Apr 7, 2009

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice