The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

One or more immutable files are preventing cPanel and WHM from updating on your serve

Discussion in 'General Discussion' started by uacomm, Jun 10, 2011.

  1. uacomm

    uacomm Member

    Joined:
    Apr 15, 2011
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    I am receiving following notification from server so can any one tell why is it? how to resolve it?


    --------------------------------------------------------------------
    The find-immutable-files script, run by the cPanel & WHM update process (/scripts/upcp), found 10 files distributed by cPanel marked as immutable on your server.

    cPanel & WHM cannot update until you make these files mutable. The list of immutable files is located on your server at "/var/cpanel/immutable_files".

    The files found are:

    /usr/local/cpanel/cgi-sys/guestbook.cgi
    /usr/local/cpanel/cgi-sys/mchat.cgi
    /usr/local/cpanel/cgi-sys/cgiecho
    /usr/local/cpanel/cgi-sys/cgiemail
    /usr/local/cpanel/cgi-sys/formmail.pl
    /usr/local/cpanel/cgi-sys/FormMail.cgi
    /usr/local/cpanel/cgi-sys/formmail.cgi
    /usr/local/cpanel/cgi-sys/FormMail-clone.cgi
    /usr/local/cpanel/cgi-sys/FormMail.pl
    /usr/local/cpanel/cgi-sys/Count.cgi

    The find-immutable-files script was run, because one or more immutable files found on a previous run (Wed Jun 8 23:49:15 2011) still remained, and had not been made mutable.
     
  2. uacomm

    uacomm Member

    Joined:
    Apr 15, 2011
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Re: One or more immutable files are preventing cPanel and WHM from updating on your s

    I have found solution.
     
  3. lbeachmike

    lbeachmike Well-Known Member

    Joined:
    Dec 27, 2001
    Messages:
    313
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Long Beach, NY
    cPanel Access Level:
    Root Administrator
    Re: One or more immutable files are preventing cPanel and WHM from updating on your s

    We just had the same issue on one of three of our servers. Cpanel has done a nice job on this one including explanations and step-by-step resolution details in their alert email - nicely done cpanel!

    However, my question is this - what caused this to occur on this one server, and all of the others reporting the same? Our immutable files are identical to those shown above.

    We have never taken any action to make them immutable.

    Thanks.

    Mike
     
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Re: One or more immutable files are preventing cPanel and WHM from updating on your s

    Hello Mike,

    These files would not have been modified by cPanel but another script that was installed might have done it such as CSF or Fantastico. If you look at the timestamps for one of the files, you would be able to tell when they were last modified:

    Code:
    stat /usr/local/cpanel/cgi-sys/guestbook.cgi
    We won't have any set way to know which script might have set the files to immutable.

    Thanks!
     
  5. lbeachmike

    lbeachmike Well-Known Member

    Joined:
    Dec 27, 2001
    Messages:
    313
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Long Beach, NY
    cPanel Access Level:
    Root Administrator
    Re: One or more immutable files are preventing cPanel and WHM from updating on your s

    Thanks Tristan. That's helpful. So, hopefully changing them so that they can be updated won't break anything else.

    Thanks.

    Mike
     
  6. lbeachmike

    lbeachmike Well-Known Member

    Joined:
    Dec 27, 2001
    Messages:
    313
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Long Beach, NY
    cPanel Access Level:
    Root Administrator
    Re: One or more immutable files are preventing cPanel and WHM from updating on your s

    Actually, I do have a question on this -

    The instructions that cpanel provided in the email alert explain how to exclude the files from update, but they don't address how to have cpanel proceed with its update and update these files as needed.

    I have no knowledge of why these would be immutable, since they were not in our other servers and our configs are the same.

    How would you suggest to proceed with the update?

    Thanks.

    Mike
     
  7. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Re: One or more immutable files are preventing cPanel and WHM from updating on your s

    The update itself will proceed, and only those files will not be updated. If you wish the files to be able to be updated, you'd have to make them mutable:

    Code:
    chattr -i /pathtofile
     
  8. lbeachmike

    lbeachmike Well-Known Member

    Joined:
    Dec 27, 2001
    Messages:
    313
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Long Beach, NY
    cPanel Access Level:
    Root Administrator
    Re: One or more immutable files are preventing cPanel and WHM from updating on your s

    Okay - and then re-run the update with the force option?
     
  9. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Re: One or more immutable files are preventing cPanel and WHM from updating on your s

    Correct, simply re-run /scripts/upcp --force at that point.
     
  10. audrey

    audrey Well-Known Member

    Joined:
    Oct 18, 2006
    Messages:
    72
    Likes Received:
    1
    Trophy Points:
    8
    Re: One or more immutable files are preventing cPanel and WHM from updating on your s

    Hi Tristan

    I value your opinion-you have always steered me in the right direction!

    cpanel's email about the immutable files has a couple of extra steps

    it says
    For each immutable file, execute the following commands:

    chattr -i /path/to/file
    echo "/path/to/file" >> /etc/cpanelsync.exclude

    3. Re-sync the files in your cPanel & WHM installation by executing the following command:

    /usr/local/cpanel/scripts/upcp --sync

    >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

    Should I ignore
    echo "/path/to/file" >> /etc/cpanelsync.exclude

    and ignore
    3. Re-sync the files in your cPanel & WHM installation by executing the following command:

    /usr/local/cpanel/scripts/upcp --sync

    and just go straight to
    /scripts/upcp --force


    Thanks again for all your help
    Audrey
     
    #10 audrey, Jul 15, 2011
    Last edited: Jul 15, 2011
  11. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Re: One or more immutable files are preventing cPanel and WHM from updating on your s

    You don't have to exclude the files if you are going to make them mutable. You would only exclude them if you aren't going to make them mutable again.

    As for /usr/local/cpanel/scripts/upcp --force, this is the same as /scripts/upcp --force since on 11.30 and higher the /scripts directory is symlinked to /usr/local/cpanel/scripts location.
     
  12. audrey

    audrey Well-Known Member

    Joined:
    Oct 18, 2006
    Messages:
    72
    Likes Received:
    1
    Trophy Points:
    8
    Re: One or more immutable files are preventing cPanel and WHM from updating on your s

    Hi Tristan

    Thanks as always for your quick response

    I don't want to exclude - cpanel can update the script-probably a good thing.

    I make the cgi-sys/guestbook.cgi immutable
    because
    I don't want anyone to use this script.

    Clients enable it on their sites and do not monitor it and it causes havoc when every porn star and spammer, etc
    posts to it.

    Is there any way to let cpanel update the script and still prevent it from being used?

    Thanks again
    Audrey
     
  13. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Re: One or more immutable files are preventing cPanel and WHM from updating on your s

    Why not exclude the file from updates and remove it from existing entirely? Then there isn't an immutable flag on it and it doesn't need to get updated either.
     
  14. audrey

    audrey Well-Known Member

    Joined:
    Oct 18, 2006
    Messages:
    72
    Likes Received:
    1
    Trophy Points:
    8
    Re: One or more immutable files are preventing cPanel and WHM from updating on your s

    Hi Tristan

    sounds like a good plan-but-
    if I delete it entirely - perhaps a cpanel update down the road will not be happy that it cannot find the script.

    I will see how it goes with the updates and if the script gets to be an issue again
    I will follow your advice

    Have a great night
    Take Care
    Audrey
     
  15. DomineauX

    DomineauX Well-Known Member
    PartnerNOC

    Joined:
    Apr 12, 2003
    Messages:
    414
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Re: One or more immutable files are preventing cPanel and WHM from updating

    Just wanted to add that we really need a good way to get rid of the cgi-sys/guestbook.cgi per account at least as PCI scanning companies are failing scans if it is present at all despite the fact that the ancient exploits from 2003 are resolved:

    Example from Security Metrics:

    That is after I provided them with the following:

     
  16. DomineauX

    DomineauX Well-Known Member
    PartnerNOC

    Joined:
    Apr 12, 2003
    Messages:
    414
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Re: One or more immutable files are preventing cPanel and WHM from updating

    Just want to add the following as a good solution provided to me by James Otting @cPanel:

    Create /etc/httpd/conf/userdata/std/2/username/pci.conf containing:

    <Files "guestbook.cgi">
    Order allow,deny
    Deny from all
    </Files>

    Then rebuild/restart Apache:

    /scripts/rebuildhttpdconf
    /scripts/restartsrv_httpd

    All fine now and requests are refused.
     
  17. techdruid

    techdruid Member
    PartnerNOC

    Joined:
    Jan 16, 2012
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Re: One or more immutable files are preventing cPanel and WHM from updating

    If you have SSL enabled, as you may on a PCI scanned website, you'll want to also create the ssl file equivalent of the above.

    Create /etc/httpd/conf/userdata/ssl/2/username/pci.conf
     
  18. DomineauX

    DomineauX Well-Known Member
    PartnerNOC

    Joined:
    Apr 12, 2003
    Messages:
    414
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Re: One or more immutable files are preventing cPanel and WHM from updating

    Yes very good point.
     
  19. mwsfx

    mwsfx Registered

    Joined:
    Feb 19, 2013
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Re: One or more immutable files are preventing cPanel and WHM from updating

    Hi! on my cPanel Server 11.34.1 we only have the first part of the given path:
    /etc/httpd/conf/

    do I have to create the remaining path structure by myself? ...userdata/std/2/username/pci.conf
    I already disabled the "guestbook & cgi scripts" in the "Servers Feature Manager" without success.

    many thanks!
     
  20. DomineauX

    DomineauX Well-Known Member
    PartnerNOC

    Joined:
    Apr 12, 2003
    Messages:
    414
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Yes you would need to create the rest of the directories such as:

    mkdir -p /etc/httpd/conf/userdata/std/2/username/
    (mkdir -p will automatically create the higher level directories if not already present)
     
Loading...

Share This Page