Jul 2, 2013
cPanel Access Level
Root Administrator
So I'm working on implementing automatic Maldet scans on the weekend for some of our cPanel servers.

I recently learned of the cpuwatch script, and was using this to watch the maldet process so that if load goes above X, it SIGSTOP's the process till load drops.

This worked great from command line. Everything worked as expected.

However, when running the exact same command from my script, things LOOKED like they would work right.
The maldet process was found, a cpuwatch was implemented on the parent maldet process. I verified this.

Nothing out of the ordinary. But all of a sudden when load rose above X, all of a sudden the cron job launching the script that launched the scans would be SIGSTOP'd which in turn would SIGSTOP the cpuwatch process. Thus leaving everything the cron job ran SIGSTOP'd

I'm still not sure why this is, but a work around for this I found was to pipe the command to "at" instead of running it from the script.

echo "/usr/local/cpanel/bin/cpuwatch # -p $(ps auxf | grep '/usr/local/sbin/maldet' | grep -v grep | awk '{print $2}')" | at now

After that everything works as expected. Just thought this may be useful in the future to someone with the same problem.


Staff member
Apr 11, 2011
I am happy to see that you were able to find a solution to the problem you encountered. Thank you for providing us with the workaround that you used.