Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Potential backup issues on servers with disabled /bin/tar

Discussion in 'Data Protection' started by EricGregory, Dec 17, 2008.

  1. EricGregory

    EricGregory Accounts Manager
    Staff Member

    Joined:
    Nov 27, 2002
    Messages:
    123
    Likes Received:
    1
    Trophy Points:
    243
    Location:
    Pennsylvania
    cPanel Access Level:
    DataCenter Provider
    It has been brought to our attention that backups are not running
    properly on servers that have disabled /bin/tar. To eliminate this issue before
    it becomes a problem please check the following:

    Permissions on /bin/tar should be 755. This can be accomplished from
    a root shell via the following command:
    root@host [~]# ls -l /bin/tar

    If the result of that command starts as follows you are all set and
    everything should be working:

    -rwxr-xr-x

    If not, please execute the following command:
    root@host [~]# chmod 755 /bin/tar

    As always, if you have any questions or run into any problems our
    technical team is standing by to offer any assistance you may need by accessing https://tickets.cpanel.net/submit/
     
    #1 EricGregory, Dec 17, 2008
  2. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    941
    Likes Received:
    0
    Trophy Points:
    66
    i did & it is working fine

    Thanks for sharing the information.
     
    #2 crazyaboutlinux, Apr 23, 2009
  3. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    8
    Trophy Points:
    193
    Tar is one of those used by the system too extensively to generally disable.

    There are some commands that I would lock down in /bin and /usr/bin
    respectively and for those, it will help quite a bit, to name just a few:

    lynx (Haven't found anyone needing this - 0500 hasn't been a problem)
    wget (This one helps to set owner 'root:cpanel' with 0750)
    chattr (I generally 0700 it to 'root:root' and Chattr +i itself)
    chown (0700 'root:root' & chattr +i)
    touch (same as Chown)

    The important thing is you don't want to kill a standard command that
    might actually be needed by some service on your server or Cpanel.

    The ones listed above work fine with the tightened permissions and I've
    tested this out and there are a number of others but the ones listed above
    will wreak havoc on most of the automated hack systems and make internal
    attacks a lot more difficult (at least being able to properly cover their tracks).
     
    #3 Spiral, Jun 11, 2009
(You must log in or sign up to post here.)
Loading...
Similar Threads - Potential backup issues
  1. Gareth Johnstone

    Potential Amazon s3 Bug

    Gareth Johnstone, May 1, 2018, in forum: Data Protection
    Replies:
    1
    Views:
    98
    cPanelLauren
    May 2, 2018
  2. Nile Youth

    SOLVED Message was blocked because its content presents a potential security issue

    Nile Youth, Dec 21, 2017, in forum: E-mail Discussion
    Replies:
    12
    Views:
    7,805
    cPanelMichael
    Feb 12, 2018
  3. Paul Ward

    Potentially compromised account

    Paul Ward, Jul 31, 2017, in forum: E-mail Discussion
    Replies:
    3
    Views:
    383
    cPanelMichael
    Aug 1, 2017
  4. tomdchi

    EA4 migration and potential ruby/rails/passenger issues

    tomdchi, Mar 8, 2017, in forum: EasyApache
    Replies:
    3
    Views:
    867
    cPanelMichael
    Mar 12, 2017
  5. Khalid Nihaya

    New Thread Where is Backup Users List Located?

    Khalid Nihaya, Jun 25, 2018 at 6:31 AM, in forum: Data Protection
    Replies:
    0
    Views:
    0
    Khalid Nihaya
    Jun 25, 2018 at 6:31 AM

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice