The Community Forums

Interact with an entire community of cPanel & WHM users!
Cpanel just updated on its own ???

Discussion in 'General Discussion' started by nyjimbo, Mar 12, 2004.

  1. nyjimbo

    nyjimbo Well-Known Member

    Joined:
    Jan 25, 2003
    Messages:
    1,125
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    New York
    Just sitting here at 1pm eastern time in NY and Cpanel just did an update all by itself. I have never seen it do this and it's the middle of the afternoon here, not 2am.

    We have everything set to be manual updates. Why did it just update on its own ???

    also got emails saying:

    cpanel failed @ Fri Mar 12 13:05:35 2004. A restart was attempted automagicly.
    webmail failed @ Fri Mar 12 13:05:57 2004. A restart was attempted automagicly.
    whostmgr failed @ Fri Mar 12 13:06:07 2004. A restart was attempted automagicly.

    What the hell is going on ????
     
  2. nyjimbo

    nyjimbo Well-Known Member

    Ok, the update finished and the whole system was pretty much dead so I had to reboot. Now I get

    eximstats failed @ Fri Mar 12 13:18:22 2004. A restart was attempted automagicly.

    I am guessing DarkOrb did some kind of forced update, which I am not too happy about as we were in the middle of some work on that server and had no idea what was going on.
     
  3. SarcNBit

    SarcNBit Well-Known Member

    Joined:
    Oct 14, 2003
    Messages:
    1,010
    Likes Received:
    3
    Trophy Points:
    38
    Did you have security updates set to manual? ;)

    If you look in WHM -> Change Update Preferences you will see that there are three types of updates.
     
  4. nyjimbo

    nyjimbo Well-Known Member

    Everything is set to manual. There is no reason that the system would update at 1pm. We have had Cpanel for more than a year and it never did this.
     
  5. SarcNBit

    SarcNBit Well-Known Member

    Something fishy is going on then. My servers did not update automatically.

    Maybe something you were working on triggered it? Maybe an overzealous NOC or DC? Maybe something buried in a script running via cron?

    I know I am grasping at straws but obviously something triggered it.
     
  6. nyjimbo

    nyjimbo Well-Known Member

    Just saw a thread on this:

    "Critical Update Notice
    All machines that are prone to the resetpass exploit will get a critical update request, and will update regardless of their update settings. This will only affect machines that are prone to this exploit.

    If you don't want this to happen, chmod 0 /scripts/upcp

    We are sorry for any inconvenience this may cause.

    This update is scheduled for after 3pm EST today"

    Don't know why it's not a sticky at the top or emailed to people instead of just doing it.
     
  7. RobertOnTheAir

    RobertOnTheAir Active Member

    Joined:
    Aug 2, 2003
    Messages:
    33
    Likes Received:
    0
    Trophy Points:
    6
    Part of the reason they can't e-mail it is because CPanel only has a list of IPs authorized to use each license of the software.

    CPanel distributors, server resellers, etc. all could own the machine and their e-mail address would never be known to CPanel directly. It would be with the NOC that sold the server with it or with the software distributor.

    And regarding why they did not have it posted in the WHM... it's been there basically all day today that I've seen. When something major like this comes up, I think it's good CPanel takes a proactive approach to stop serious security issues in their tracks. They gave as much notice as they could... but sometimes in "crisis mode" there is not always time for as much notice as we like.

    Have you tried switching to either a Current or Release build (opposite of whatever you normally have now) to fix the issue? That might straighten it out for ya. :)

    Good luck!
     
  8. SarcNBit

    SarcNBit Well-Known Member

    That is ridiculous.

    Let's put aside for a second the argument about whether or not cpanel should even be able to bypass your update settings (THEY SHOULD NOT!). People should be given notice if something like this is going to happen and one day is not the kind of notice I am talking about. Who knows how many shops log in to WHM or check these forums every day?

    What about one man shops where the admin has decided to take the weekend off from monitoring and updates. They now have the "pleasant" surprise of being greeted by a beeping pager or ringing off the hook phone? Give me a break. I know security is important, but cpanel has not shown that they can implement this patch without issue. I think that individual shops should be able to decide their own time table for addressing these kinds of issues.
     
  9. Watcher_TVI

    Watcher_TVI Registered

    Joined:
    Mar 10, 2003
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    I can imagine what people would be saying about CPanel if they didn't take proactive steps to address an exploit that could allow root level access and/or commands.
     
  10. vortech

    vortech Well-Known Member

    Joined:
    Aug 12, 2001
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    6
    Our systems did the same thing, pop3 died on one, that's what let us know, and nothing would fix it. We did an upgrade and it seems to have fixed it for now, but still no idea why the cpanel service just stopped.
     
  11. SarcNBit

    SarcNBit Well-Known Member

    Taking proactive steps to address an exploit (aka offering a patch) and usurping admin responsibilities are two different actions. I am glad that they are addressing the issue. They should not be updating servers that administrators have intentfully marked as allowing manual upgrades only regardless of the nature of the exploit.
     
  12. SonServers

    SonServers Well-Known Member

    Joined:
    Oct 24, 2001
    Messages:
    94
    Likes Received:
    0
    Trophy Points:
    6
    Same thing happened here. I was doing something else in a shell when the system notice came that cpanel was starting an update. I didn't know Cpanel could do that.

    Mine didn't restart after the update either . . . had to do it manually. There is a FreeBSD notice in the news about killing everything first to restart but how would you see that news post if whostmgr is down?

    I'm on FreeBSD and Edge. Everything seems to be up, but "Service Status" has listed cpanel, webmail, and whostmgr as all failed for over 30 minutes now.
     
  13. LS_Drew

    LS_Drew Well-Known Member

    Joined:
    Feb 20, 2003
    Messages:
    187
    Likes Received:
    0
    Trophy Points:
    16
    What does that mean, 'prone to the exploit'? Every machine on an earlier version? Most of our machines aren't even upgraded to the version that has that password feature.

    What about machines that have already been manually patched? I'm not ready to upgrade to Cpanel 9.anything thank you very much.
     
  14. MattF

    MattF Active Member

    Joined:
    May 5, 2002
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    A proactive step would be to thoroughly review the code first, especially a module such as that. I can't imagine the monthly revenue of Cpanel, I imagine it would be a drop in the ocean to hire a good security audit person external to the company.
     
  15. AlaskanWolf

    AlaskanWolf Well-Known Member

    Joined:
    Aug 11, 2001
    Messages:
    537
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Fremont CA
    Grrow up Matt, its a never ending pout job with you kids. nothing fucken satisfies you does it. You want the world given to you on a golden fricken platter.

    You should be thankful to Cpanel for proactively fixing this hole when you're too lazy to do so! GROW UP
     
  16. LS_Drew

    LS_Drew Well-Known Member

    Cram it, Petola.

    1) Nobody asked you.

    2) Don't call people lazy when you haven't the foggiest clue what you're talking about.
     
  17. MattF

    MattF Active Member

    I disagree with you on that one. Perhaps I'd have gone with that a few years ago, but as we know today security is paramount. Mistakes can be accommodated to a certain degree, hey we all make them, but when a company like cPanel release something that is fundamentally insecure like that then questions have to be asked as to where the resources are going?

    I'm certainly not happy.
     
  18. dhabets

    dhabets Well-Known Member

    Joined:
    Dec 31, 2001
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    DataCenter Provider
    Great... now I know why I just wasted hours of my time fixing broken cPanel boxes. F-ing great.
     
  19. MattF

    MattF Active Member

    Lazy? I had disabled it the moment I heard about it.

    Grrow fucken platter. Hmm.. okay.. :rolleyes:
     
  20. dhabets

    dhabets Well-Known Member

    Not getting into that argument, but I had it set to MANUAL for a reason. I already patched the actual code yesterday and now I end up with 15 boxes that needed my attention right in the middle of the business day.

    MANUAL means -> don't do anything unless I tell you to.

    Just my 2c!
     