linuxguy123

Registered
Apr 5, 2015
1
0
1
UK
cPanel Access Level
Root Administrator
Hey Guys

Just switched to mod_ruid2 with DSO as handler after checking the process logs and monitoring in command line (top). PHP is running as nobody.

Can anyone help with a fix for this?
 

Benjade77

Member
Nov 15, 2015
18
1
53
Brussels
cPanel Access Level
Root Administrator
Hello, I have this error on my cPanel Security Advisor, and i dont find anwser to this problem:
Code:
Apache Symlink Protection: Grsecurity sysctl valuesIt seems that your sysctl keys, enforce_symlinksifowner, and symlinkown_gid, may not be configured correctly for a cPanel server. Typically, enforce_symlinksifowner is set to 1, and symlinkown_gid is set to 99 on a cPanel server. For further information, see the Grsecurity Documentation.
I have CentOs 6 X86_64 with last stable whm 11.52.22.

Running with Apache 2.4, PHP 5.6 DSO SuExec, MPM Prefork, Mod Ruid2, Symlink Race Condition Protection, Mod security with OWASP activated and mod_ruid + jailshell.
.

I tried to add :

fs.enforce_symlinksifowner = 1
fs.symlinkown_gid = 99

to /etc/sysctl.conf and type sysctl -p but it give the error unknow key.


Can you help me please ?

Thanks !
 
Last edited by a moderator:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,883
2,256
463
I tried to add :

fs.enforce_symlinksifowner = 1
fs.symlinkown_gid = 99

to /etc/sysctl.conf and type sysctl -p but it give the error unknow key.
Hello :)

The following command should provide you with the correct variables to edit:

Code:
sysctl -a | egrep 'symlinksifowner|symlinkown'
Note that you may need to reboot the machine after adding in the new values.

Thank you.
 

Benjade77

Member
Nov 15, 2015
18
1
53
Brussels
cPanel Access Level
Root Administrator
I have the same error, nothing changed. And i have the error too :

Code:
An error occurred while attempting to check whether running executables are up-to-date: Could not open /proc/1/smaps Could not open /proc/2/smaps Could not open /proc/3/smaps Could not open /proc/4/smaps Could not open /proc/5/smaps Could not open /proc/6/smaps Could not open /proc/7/smaps Could not open /proc/8/smaps Could not open /proc/9/smaps Could not open /proc/10/smaps Could not open /proc/11/smaps Could not open /proc/12/smaps Could not open /proc/13/smaps Could not open /proc/14/smaps Could not open /proc/15/smaps Could not open /proc/16/smaps Could not open /proc/17/smaps Could not open /proc/18/smaps Could not open /proc/19/smaps Could not open /proc/20/smaps Could not open /proc/21/smaps Could not open /proc/22/smaps Could not open /proc/23/smaps Could not open /proc/24/smaps Could not open /proc/25/smaps Could not open /proc/26/smaps Could not open /proc/27/smaps........
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,883
2,256
463
I have the same error, nothing changed.
Could you elaborate on which steps you have taken to address the issue thus far? Also, please ensure you open new threads for separate warning messages.

Thank you.
 

Benjade77

Member
Nov 15, 2015
18
1
53
Brussels
cPanel Access Level
Root Administrator
Using ssh on root i typed
sysctl -a | egrep 'symlinksifowner|symlinkown' and after looked into cpanel security advisor and i have the error:

Apache Symlink Protection: Grsecurity sysctl valuesIt seems that your sysctl keys, enforce_symlinksifowner, and symlinkown_gid, may not be configured correctly for a cPanel server. Typically, enforce_symlinksifowner is set to 1, and symlinkown_gid is set to 99 on a cPanel server. For further information, see the Grsecurity Documentation.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,883
2,256
463
the problem is resolved and we can close this topic. Thank you.
I am happy to see the issue is now resolved. Would you mind sharing the solution?

Thank you.