Remove Apache Backup Directories?

[Michaelit]

Dear cPanel team,
i run the relative code lines today as discribed in the article: Monitor your system in order to find out the world written files as well as the ones with no owner. As far as i can see a number of files are pointed to the location:
- /usr/local/apache.ea3

As i was wondering i use ea4 and i think that this folder stayed there as a backup for a long time. The question is: Can a totally remove this folder as well as the following one for the same reason?

- /usr/local/apache.backup
- /usr/loca/apache.backup_archive


Thank you in advance!

 

[Jcats]

Yes but to be safe you could also archive them first.

tar -zcf /root/apache.backup.tar.gz /usr/local/apache.backup* /usr/local/apache.ea3

then remove them

 

[Michaelit]

Thank you @Jcats. I did this!
Can you please advise me what i could do with the attached txt files? There are the files that are world_written as well the ones that have no owner?

 

[cPanelLauren]

The first attachment shows files on the server that are world writeable by default. This is necessary for all users on the system to be able to write to them.

As far as the files that have no owner are they extensions that are in use? For the ones in /var/cpanel/user_pw_cache/ if they're no longer associated with a user on the system they wouldn't be necessary to retain.

 

[Michaelit]

Thank you @cPanelLauren for your response.
Can you please help me how can i find out if these extensions are in use in no_owner.txt file? I try to figure this out without success since now.

 

[cPanelLauren]

Hello @Michaelit

I can try but this is ultimately something that would be best addressed with your system administrator. If you don't have one you might find one here: System Administration Services

I would suggest first moving all the data to another location instead of deleting it - then when you're sure it's not in use or that nothing is adversely affected it can be removed safely.

For the files here:

/var/cpanel/user_pw_cache/514
/var/cpanel/user_pw_cache/513
/var/cpanel/user_pw_cache/509
/var/cpanel/user_pw_cache/506
/var/cpanel/user_pw_cache/504
/var/cpanel/user_pw_cache/505
/var/cpanel/user_pw_cache/519
/var/cpanel/user_pw_cache/533
/var/cpanel/user_pw_cache/515
/var/cpanel/user_pw_cache/516
/var/cpanel/user_pw_cache/530
/var/cpanel/user_pw_cache/510
/var/cpanel/user_pw_cache/520
/var/cpanel/user_pw_cache/518
/var/cpanel/user_pw_cache/507
/var/cpanel/user_pw_cache/511

You'll need to look at the user and group. These files if in use will be owned by the UID: root and GID: $username like the following for example:

-rw-r-----   1 root resellertest      215 Dec 18  2018 1018
-rw-r-----   1 root cptest            203 Jul 16 10:30 1019

When not in use/the group no longer exist the UID will be root and the GID will be a number and in cases like this, you should be able to remove these.

For this:

/var/cpanel/logaholic

logaholic is a 3rd party analytics service. If you're not using it then you can remove this directory.

For the long list of entries similar to this:

/root/.cpanm/work/1534283773.26742/ExtUtils-MakeMaker-7.34

ExtUtils-MakeMaker is a perl module a description of it can be found here: ExtUtils::MakeMaker - perldoc.perl.org

The files similar to this:

drwxr-xr-x  6 root   root       4.0K Mar 30 05:18 YAML-Syck-1.31

From what I see on my test server should be owned by the root user/group but this is another perl module which is described here: YAML::Syck - Fast, lightweight YAML loader and dumper - metacpan.org

The same for the HTTP-Tiny files and Try-Tiny files. For all of these, they're in the /root/.cpanm/work/ directory which is where these are being unwrapped for use on existing accounts - so either the account was removed or it's owned by the root user, you might try making a backup of the directory and modifying the user:group to be root:root. using chown.

 

[Michaelit]

Thank you @cPanelLauren for your amazing support!
I followed your suggestions without any issue (since now) and i have one last (i hope) question - confirmation pointed to the last group of files.

The following folders have no any GID however the UID is pointed to games!
- /.cpanm/work/1534283773.26742/HTTP-Tiny-0.076
- /.cpanm/work/1534283773.26742/Try-Tiny-0.30
- /.cpanm/work/1534283773.26742/YAML-Syck-1.30

I attach a relative image.
Check the files inside of these files f.e: in HTTP-Tiny-0.076/ folder. As you can see most of these files have games UID. The question here is: Would it be save to change all the inside folders/files to root:root ?

Thank you again!

 

[cPanelLauren]

That's the games GID. The UID in all instances where it's set to games set to a number instead which indicates that it has no valid user/group and why I suggested modifying the user:group in those cases to root:root. Really the items there with the number/games UID/GID are most likely safe to remove.

 

[Michaelit]

Thank you @cPanelLauren! I removed them!