hrr1963

Registered
Feb 10, 2014
4
0
1
cPanel Access Level
Root Administrator
I have this new VPS, which I just finished setting up the other day. Today I received an email that upcp cron executed. Which is perfectly ok.

Then 20 minutes later I received an lfd warnings, which is ok, because if system files updated, the md5 shouldn't match. What is rare is that I was not able to relate these changes to the cPanel update, went through the logs (maybe didn't saw it), so I'm posting it here, just in case anybody have more info:

I think these are related to the PHP GD, again I was not able to see them in the log.

Thanks

------------
The following list of files have FAILED the md5sum comparison test. This means that the file has been changed in some way. This could be a result of an OS update or application upgrade. If the change is unexpected it should be investigated:

/usr/bin/annotate: FAILED
/usr/bin/gd2copypal: FAILED
/usr/bin/gd2togif: FAILED
/usr/bin/gd2topng: FAILED
/usr/bin/gdcmpgif: FAILED
/usr/bin/gdparttopng: FAILED
/usr/bin/gdtopng: FAILED
/usr/bin/giftogd2: FAILED
/usr/bin/pngtogd: FAILED
/usr/bin/pngtogd2: FAILED
/usr/bin/sxpm: FAILED
/usr/bin/webpng: FAILED
---------------------------------
Thanks
 

vanessa

Well-Known Member
PartnerNOC
Sep 26, 2006
833
28
178
Virginia Beach, VA
cPanel Access Level
DataCenter Provider
Yes, these are related to GD. You can check /var/log/yum.log to see if the packages updated. In the future, if you're not sure what packages these files belong to, just use yum whatprovides, ie:

yum whatprovides /usr/bin/webpng:

gd-progs-2.0.35-11.el6.x86_64 : Utility programs that use libgd
 

hrr1963

Registered
Feb 10, 2014
4
0
1
cPanel Access Level
Root Administrator
Thank you for your response. I'm not able to see in the upcp log any reference to a GD package updated. Maybe I'm overlooking something... ?

Yes, these are related to GD. You can check /var/log/yum.log to see if the packages updated. In the future, if you're not sure what packages these files belong to, just use yum whatprovides, ie:

yum whatprovides /usr/bin/webpng:

gd-progs-2.0.35-11.el6.x86_64 : Utility programs that use libgd
 

hrr1963

Registered
Feb 10, 2014
4
0
1
cPanel Access Level
Root Administrator
Yes, I was replying, but went to check some configuration. For example LF_integrity is set to 3600 sec, which means it should verify each hour at least.

Knowing that...

I did verify the yum log. I see updates entries for gd-progs and libX (sxpm) but those are from Feb 9 around 11PM.
Then looking through the logs, lfd detected the above changes at : Feb 10 20:00:04, but I received a previous lfd warning regarding php at: Feb 10 01:00:07 , which was at the time of using EasyApache.

Don't you think that , since every hour lfd is executed, I should at least received that list appended to the list of PHP or around that time?

Basically a whole day passed and lfd didn't notice, that is what I found strange and concerning. Which lead me to question the validity of these files.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

You can always browse to "WHM Home » Server Configuration » Update Preferences" and modify the setting for "Operating System Package Updates" so that you run them manually. This might help you to verify that package updates through YUM only occur when you update them manually. However, it would be important that you update the packages on a regular basis.

Thank you.