linuxguy123

Registered
Apr 5, 2015
1
0
1
UK
cPanel Access Level
Root Administrator
Hey Guys

Just switched to mod_ruid2 with DSO as handler after checking the process logs and monitoring in command line (top). PHP is running as nobody.

Can anyone help with a fix for this?
 

Benjade77

Member
Nov 15, 2015
7
0
1
Brussels
cPanel Access Level
Root Administrator
Hello, I have this error on my cPanel Security Advisor, and i dont find anwser to this problem:
Code:
Apache Symlink Protection: Grsecurity sysctl valuesIt seems that your sysctl keys, enforce_symlinksifowner, and symlinkown_gid, may not be configured correctly for a cPanel server. Typically, enforce_symlinksifowner is set to 1, and symlinkown_gid is set to 99 on a cPanel server. For further information, see the Grsecurity Documentation.
I have CentOs 6 X86_64 with last stable whm 11.52.22.

Running with Apache 2.4, PHP 5.6 DSO SuExec, MPM Prefork, Mod Ruid2, Symlink Race Condition Protection, Mod security with OWASP activated and mod_ruid + jailshell.
.

I tried to add :

fs.enforce_symlinksifowner = 1
fs.symlinkown_gid = 99

to /etc/sysctl.conf and type sysctl -p but it give the error unknow key.


Can you help me please ?

Thanks !
 
Last edited by a moderator:

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
I tried to add :

fs.enforce_symlinksifowner = 1
fs.symlinkown_gid = 99

to /etc/sysctl.conf and type sysctl -p but it give the error unknow key.
Hello :)

The following command should provide you with the correct variables to edit:

Code:
sysctl -a | egrep 'symlinksifowner|symlinkown'
Note that you may need to reboot the machine after adding in the new values.

Thank you.
 

Benjade77

Member
Nov 15, 2015
7
0
1
Brussels
cPanel Access Level
Root Administrator
I have the same error, nothing changed. And i have the error too :

Code:
An error occurred while attempting to check whether running executables are up-to-date: Could not open /proc/1/smaps Could not open /proc/2/smaps Could not open /proc/3/smaps Could not open /proc/4/smaps Could not open /proc/5/smaps Could not open /proc/6/smaps Could not open /proc/7/smaps Could not open /proc/8/smaps Could not open /proc/9/smaps Could not open /proc/10/smaps Could not open /proc/11/smaps Could not open /proc/12/smaps Could not open /proc/13/smaps Could not open /proc/14/smaps Could not open /proc/15/smaps Could not open /proc/16/smaps Could not open /proc/17/smaps Could not open /proc/18/smaps Could not open /proc/19/smaps Could not open /proc/20/smaps Could not open /proc/21/smaps Could not open /proc/22/smaps Could not open /proc/23/smaps Could not open /proc/24/smaps Could not open /proc/25/smaps Could not open /proc/26/smaps Could not open /proc/27/smaps........
 

Benjade77

Member
Nov 15, 2015
7
0
1
Brussels
cPanel Access Level
Root Administrator
Using ssh on root i typed
sysctl -a | egrep 'symlinksifowner|symlinkown' and after looked into cpanel security advisor and i have the error:

Apache Symlink Protection: Grsecurity sysctl valuesIt seems that your sysctl keys, enforce_symlinksifowner, and symlinkown_gid, may not be configured correctly for a cPanel server. Typically, enforce_symlinksifowner is set to 1, and symlinkown_gid is set to 99 on a cPanel server. For further information, see the Grsecurity Documentation.