Sorry guys I read endless threads about this and think I know the answer but I'm not sure.
This is my first time trying to set this up.
Summary of system:
So running a GoDaddy VPS on CentOS 7.9 (3.10.0-1160.6.1.el7.x86_64) / EasyApache 4 / v90.0.17
uname -r = 3.10.0-1160.6.1.el7.x86_64
Progress
I ran curl -s https://repo.cloudlinux.com/kernelcare/kernelcare_install.sh | bash
And now Security Advisor is reporting in the green for: "KernelCare is installed and current running kernel version is up to date: 3.10.0-1160.6.1.el7.x86_64"
However it's still asking me to "Add KernelCare's Free Symlink Protection" which has a link to add it which does absolutely nothing except bring me back to security advisor.
"wget -qq -O - https://kernelcare.com/checker | python" -> Reports COMPATIBLE
"kcarectl --set-patch-type free --update" - > Reports " 'free' patch type is unavailable for your kernel "
Questions
1) My assumption is this just another case of having to wait for an update from them?
I do see the version "3.10.0-1160.6.1.el7" listed on patches.kernelcare.com but only as Oracle and RHEL
For CentOS I see it stop at kernel-3.10.0-1160.2.2.el7
2) To finally turn it on I believe I have to go through this process right? or will that link in WHM actually do something after "the free version is available for my kernel"?
(BTW it says apache is usually running under the GID 99 on Cpanel servers. How do you confirm that?)
3) Based on the kcarectl message I'm guessing it's not going to work anyway right? So I haven't proceeded with "2"
I tried to simplify the post as best I could while providing all the info I could sorry if I rambled haha
Thanks everyone,
Kenny
This is my first time trying to set this up.
Summary of system:
So running a GoDaddy VPS on CentOS 7.9 (3.10.0-1160.6.1.el7.x86_64) / EasyApache 4 / v90.0.17
uname -r = 3.10.0-1160.6.1.el7.x86_64
Progress
I ran curl -s https://repo.cloudlinux.com/kernelcare/kernelcare_install.sh | bash
And now Security Advisor is reporting in the green for: "KernelCare is installed and current running kernel version is up to date: 3.10.0-1160.6.1.el7.x86_64"
However it's still asking me to "Add KernelCare's Free Symlink Protection" which has a link to add it which does absolutely nothing except bring me back to security advisor.
"wget -qq -O - https://kernelcare.com/checker | python" -> Reports COMPATIBLE
"kcarectl --set-patch-type free --update" - > Reports " 'free' patch type is unavailable for your kernel "
Questions
1) My assumption is this just another case of having to wait for an update from them?
I do see the version "3.10.0-1160.6.1.el7" listed on patches.kernelcare.com but only as Oracle and RHEL
For CentOS I see it stop at kernel-3.10.0-1160.2.2.el7
2) To finally turn it on I believe I have to go through this process right? or will that link in WHM actually do something after "the free version is available for my kernel"?
Code:
Create the file /etc/sysconfig/kcare/sysctl.conf:
fs.enforce_symlinksifowner = 1
fs.symlinkown_gid = 48
Execute:
sysctl -w fs.enforce_symlinksifowner=1
sysctl -w fs.symlinkown_gid=993) Based on the kcarectl message I'm guessing it's not going to work anyway right? So I haven't proceeded with "2"
I tried to simplify the post as best I could while providing all the info I could sorry if I rambled haha
Thanks everyone,
Kenny
Last edited:
