Nope, no bash needed. Note though, you do have to modify David's one liner for, at the very least, your email address and cron time.
Thanks. It's been working well for the past few days and no deletion from cpanel updates. I just realized today my cpanel log wasn't sending me the current log because cron job was executing 3 minutes earlier than the cpanel log update so I was getting yesterday log instead of current today log. All fixed now after moving the hour forward.
Regards,
L
Last edited:
Well, huh!
I have two servers that this thread's email crontab command has been messed with.
One server it was entirely deleted, the second edit: the cPanel command replaced the email entry (but kept the new time).
Anyone else having similar issues?
Edit:
So, cPanel, ya do regex'es on crontab don't ya?
{removed, italics updated above}
So... AFAICT it is not safe to add entries to cron that in any way contain bits or pieces of existing (or future!) cPanel root contrab entries. Back to a bash script it is... Edit: see next post
I have two servers that this thread's email crontab command has been messed with.
One server it was entirely deleted, the second edit: the cPanel command replaced the email entry (but kept the new time).
Anyone else having similar issues?
Edit:
So, cPanel, ya do regex'es on crontab don't ya?
{removed, italics updated above}
So... AFAICT it is not safe to add entries to cron that in any way contain bits or pieces of existing (or future!) cPanel root contrab entries. Back to a bash script it is... Edit: see next post
Last edited:
Hi cPanelMichael,
Would you scan this as a quick QC? Especially looking for other cPanel processes or things that might impact the offered solution?
Also, would there physically be a way to add a user section to crontab such that cPanel doesn’t regex through that part? I don’t mind adding a feature request, but kinda pointless if it’s not actually do-able...
Thanks,
Michael
PS: Are edits now closed on older posts? If so, would you edit my #20 to remove those instructions and link here? ( Why am I no longer receiving daily emails with the cPanel update log output after updating to version 82? )
# # #
Okay, this is long winded, and addresses the issue that you want an exact replication of the original emails being sent by cron so that you don’t have to change email filters (or other flagging logic). As well as addressing that we can’t use existing text from cPanel commands in crontab (as cPanel’s regex frags stuff then).
Before following the below, change srv03, /root/bin/, /root/log/, and whatever else is appropriate for your system setup. Copying everything and doing global replaces is probably easiest...
# # #
Access the server via SSH as root
Commands:
Bash:
hostname | awk -F'.' '{print $1}'
hostname
crontab -lAdd ~20 minutes to the time of the cPanel /usr/local/cpanel/scripts/upcp line for the crontab entry below.
Bash:
cd
pwd
Bash:
mkdir log
mkdir bin
cd bin
nano root-crontab-additions-srv03-01.sh
Bash:
#!/bin/bash
# # # Description
# Send emails with the cPanel update log
#
# Script=root-crontab-additions-srv03-01.sh
# Author=Michael
# Email=use website contact
# Website=http://www.inet-design.com/
# License=GPL
# Script repository=none
# Last Edit Date=Mon Aug 19 11:03:46 CDT 2019
#
# Note: Should have used sendmail EOF instead of pipes, but throwaway script...
#
# # # crontab entry
# 57 2 * * * /root/bin/root-crontab-additions-srv03-01.sh >>/root/log/root-crontab-additions-srv03-01.sh.log 2>&1
#
# # # Be Very Nice
renice -n 19 -p $$ >/dev/null 2>/dev/null
#
# # # # #
CurrDateTime=$(date +"%y-%m-%d %H:%M:%S")
echo "$CurrDateTime: # # # Starting # # #"
# # # Variable Setups
SendMailTo="{copy from an existin email}"
SendMailFrom="{copy from an existing email}"
SendMailSubject="{copy from an existing email}"
SendMailBody=`cat /var/cpanel/updatelogs/last`
( echo "To: $SendMailTo"; echo "From: $SendMailFrom"; echo "Subject: $SendMailSubject"; echo "$SendMailBody" ) | /usr/sbin/sendmail "$SendMailTo"
EXITCODE=("${PIPESTATUS[@]}")
TESTVAR="${EXITCODE[0]}"
if [ "$TESTVAR" -ne 0 ] ; then
Message01='Echo had issues: '
Message02="$TESTVAR"
CurrDateTime=$(date +"%y-%m-%d %H:%M:%S")
echo "$CurrDateTime: $Message01$Message02"
echo "$CurrDateTime: # # # Exited with Errors # # #"
exit 1
fi
TESTVAR="${EXITCODE[1]}"
if [ "$TESTVAR" -ne 0 ] ; then
Message01='Sendmail had issues: '
Message02="$TESTVAR"
CurrDateTime=$(date +"%y-%m-%d %H:%M:%S")
echo "$CurrDateTime: $Message01$Message02"
echo "$CurrDateTime: # # # Exited with Errors # # #"
exit 1
fi
CurrDateTime=$(date +"%y-%m-%d %H:%M:%S")
echo "$CurrDateTime: # # # Finished # # #"
exit
Bash:
CTRL-X
Y
Bash:
chmod +x root-crontab-additions-srv03-01.sh
./root-crontab-additions-srv03-01.sh
Bash:
crontab -e# # #
I tested the script, but if you have issues post what happened (as it’s just too easy to typo, or bad copy/paste, a stream of commands like this).
Best All,
Michael
Last edited:
Hello Everyone!
I mentioned this thread in an internal discussion about this topic and wanted to share some notes:
• One of the primary goals of this change was to improve the signal-to-noise ratio in cPanel & WHM to avoid confusion from customers that see the successful upcp email notification and are unable to assert the meaning of the log output.
• The existing feature request was mentioned as a good idea, however, it's important to continue to vote and add comments about the value this feature would bring to the product. You can follow updates to this feature request on the feature request website itself.
• The idea of a new "audit log" was mentioned as a potentially better feature to address this feedback. The "audit log" would log every change made on the system by cPanel & WHM (as opposed to just upcp) and would be readily available for viewing from the command line or as part of Contact Manager. If anyone on this thread thinks this is a good idea, open a new feature request for it in the following format and then share the link here:
@Michael-Inet, I updated your earlier post with a link to the updated workaround instructions. Thanks for putting time into this and sharing the workaround! The SSP repo on cPanel's GitHub is useful if you're interested in examples of how to interact with cPanel & WHM from a script level (it's in Perl, but it's still helpful to read without a Perl background). It's available at:
github.com
Thank you.
I mentioned this thread in an internal discussion about this topic and wanted to share some notes:
• One of the primary goals of this change was to improve the signal-to-noise ratio in cPanel & WHM to avoid confusion from customers that see the successful upcp email notification and are unable to assert the meaning of the log output.
• The existing feature request was mentioned as a good idea, however, it's important to continue to vote and add comments about the value this feature would bring to the product. You can follow updates to this feature request on the feature request website itself.
• The idea of a new "audit log" was mentioned as a potentially better feature to address this feedback. The "audit log" would log every change made on the system by cPanel & WHM (as opposed to just upcp) and would be readily available for viewing from the command line or as part of Contact Manager. If anyone on this thread thinks this is a good idea, open a new feature request for it in the following format and then share the link here:
@Michael-Inet, I updated your earlier post with a link to the updated workaround instructions. Thanks for putting time into this and sharing the workaround! The SSP repo on cPanel's GitHub is useful if you're interested in examples of how to interact with cPanel & WHM from a script level (it's in Perl, but it's still helpful to read without a Perl background). It's available at:
GitHub - CpanelInc/SSP: System Status Probe
System Status Probe. Contribute to CpanelInc/SSP development by creating an account on GitHub.
github.com
Thank you.
Hi cPanelMichael,
You’re welcome for the script work.
Trying to reduce the signal-to-noise ratio is a good thing, it is pretty high, but...
The existing feature request is acceptable, but really it’s just replacing what was deleted.
The idea of an "audit log" is probably the best idea I’ve seen, but...
# # #
I’ve already stated this, but AFAICT all of the solutions given basically boils down to a solution that requires a user to routinely log in to a potentially compromised system and as such is a “bad” solution. (Although on re-read, I’m not sure what “as part of Contact Manager” encompasses, so maybe not?)
So, before I modify and add something "audit log"(ish) as a feature request, let’s discuss it and work out it’s flaws so it’s useful as a whole? My thoughts:
- It must be able to be sent in email.
So that any change can be compared against whatever “System Integrity checking detected a modified system file” type report (csf/ldf, etc.) the user has setup.
- It preferably tells the user what specially has changed.
It’d be helpful if it went beyond telling what packages were updated and also told what files, user accounts, crontab entries, and such were modified. (Currently, for not well known files, we have to find a non-updated server and run ‘yum whatprovides’ to match changed files to updated packages.)
- It should encompass everything that gets updated or changed.
- It should, or should be able to, be received in basically real time.
- It does not have to contain the entire log output.
Raw log output is definitely a noise ‘issue.’ Granted most of us now know how to skim them well, but I can see that if they are just attached and the body is the summarized change report, it’d be significantly easier for everyone.
# # #
That’s a first pass, but I’m sure I’ve missed elements that should, or would be really useful to, be included. I’m also sure that it would greatly help the feature request for whatever is decided to be re-written by cPanel to use cPanel jargon, procedures, and process names.
Best,
Michael
You’re welcome for the script work.
And thank you for those!- I mentioned this thread in an internal discussion about this topic and wanted to share some notes:
- I updated your earlier post with a link to the updated workaround instructions.
- The SSP repo on cPanel's GitHub is useful if you're interested in examples of how to interact with cPanel & WHM from a script level (it's in Perl, but it's still helpful to read without a Perl background). It's available at:
GitHub - CpanelInc/SSP: System Status Probe
System Status Probe. Contribute to CpanelInc/SSP development by creating an account on GitHub.
I’ll add my thoughts here, but if there is somewhere else you think I should add them too, I can do that as well. (Open a new topic for this discussion alone?)
Trying to reduce the signal-to-noise ratio is a good thing, it is pretty high, but...
The existing feature request is acceptable, but really it’s just replacing what was deleted.
The idea of an "audit log" is probably the best idea I’ve seen, but...
# # #
I’ve already stated this, but AFAICT all of the solutions given basically boils down to a solution that requires a user to routinely log in to a potentially compromised system and as such is a “bad” solution. (Although on re-read, I’m not sure what “as part of Contact Manager” encompasses, so maybe not?)
So, before I modify and add something "audit log"(ish) as a feature request, let’s discuss it and work out it’s flaws so it’s useful as a whole? My thoughts:
- It must be able to be sent in email.
So that any change can be compared against whatever “System Integrity checking detected a modified system file” type report (csf/ldf, etc.) the user has setup.
- It preferably tells the user what specially has changed.
It’d be helpful if it went beyond telling what packages were updated and also told what files, user accounts, crontab entries, and such were modified. (Currently, for not well known files, we have to find a non-updated server and run ‘yum whatprovides’ to match changed files to updated packages.)
- It should encompass everything that gets updated or changed.
- It should, or should be able to, be received in basically real time.
- It does not have to contain the entire log output.
Raw log output is definitely a noise ‘issue.’ Granted most of us now know how to skim them well, but I can see that if they are just attached and the body is the summarized change report, it’d be significantly easier for everyone.
# # #
That’s a first pass, but I’m sure I’ve missed elements that should, or would be really useful to, be included. I’m also sure that it would greatly help the feature request for whatever is decided to be re-written by cPanel to use cPanel jargon, procedures, and process names.
Best,
Michael
Going though the actual usage is useful! (Just had 2 servers get updated.) I would add this as well:
- Display in the email's body text the server's information (fully qualified name, IP address, ?).
Best,
Michael
What an annoying thing to have to manually fix myself a vital function that has worked well for an age. Whoever thought that it was better to just KILL notifications instead of giving us a UI setting to choose between "Mail Full Log, Success and Failure notifications only, Failure notifications only" reeeeeaaaallly wasn't thinking clearly. All sorts of important information about upgrade blockers, file integrity violations and more are found in that log file.
Hello @Michael-Inet,
The discussion and feedback for the new feature request (e.g. an audit log) is likely to see more participation on the feature request website itself (via the comments section once it's opened). Feel free to share the feature request URL here once you submit it and I can share the link internally.
Thanks!
The discussion and feedback for the new feature request (e.g. an audit log) is likely to see more participation on the feature request website itself (via the comments section once it's opened). Feel free to share the feature request URL here once you submit it and I can share the link internally.
Thanks!
Hi Michael,
You have always been knowledgeable and conscientious, so it saddens me that the recent cPanel pricing and structure decision I’ve just become aware of is causing my company to migrate completely away from WHM/cPanel.
As such, this is most likely my last post, and is basically only being done as a personal favor to yourself.
I don’t know if Oakley Capital Investments will maintain a decent employee experience, but if they don’t, I (and many others here) will gladly give you a glowing letter of recommendation if you ever find yourself wanting one. All you need to do is ask!
Good by for now and Best Regards,
Michael
Internet Design Alliance
Hours (US CST): Mon - Thur, 8am – 6pm | Fri, 8am - Noon
Emergency calls: 24x7
Hello Michael, who made that decision to mute the outcome of upcp in the first place? and why? are there any security concerns to take into account?
Hi everyone.
Thank you heaps for this script, @Michael-Inet.
I modified it a little to automatically populate the to/from email address and also email subject.
The from address will be [email protected]{server-hostname} and the to address is whatever you chose in WHM > Basic WebHost Manager® Setup > Contact Email ("Enter one or more email addresses to contact in case a problem arises with this server.")
The email subject is now "upcp log on {server-hostname}"
For anyone that is interested, here is the slightly updated script:
Thank you heaps for this script, @Michael-Inet.
I modified it a little to automatically populate the to/from email address and also email subject.
The from address will be [email protected]{server-hostname} and the to address is whatever you chose in WHM > Basic WebHost Manager® Setup > Contact Email ("Enter one or more email addresses to contact in case a problem arises with this server.")
The email subject is now "upcp log on {server-hostname}"
For anyone that is interested, here is the slightly updated script:
Bash:
#!/bin/bash
# # # Description
# Send emails with the cPanel update log
#
# Script=root-crontab-additions-srv03-01.sh
# Author=Michael
# Email=use website contact
# Website=http://www.inet-design.com/
# License=GPL
# Script repository=none
# Last Edit Date=Thu Jun 02 15:36:00 AEST 2022
#
# Note: Should have used sendmail EOF instead of pipes, but throwaway script...
# Edit by Kane Shaw automatically fills "Variable Setups" section using lookups of the WHM config files.
#
# # # crontab entry
# 16 23 * * * /root/bin/root-crontab-additions-upcp-log-email.sh >>/root/log/root-crontab-additions-upcp-log-email.sh.log 2>&1
#
# # # Be Very Nice
renice -n 19 -p $$ >/dev/null 2>/dev/null
#
# # # # #
CurrDateTime=$(date +"%y-%m-%d %H:%M:%S")
echo "$CurrDateTime: # # # Starting # # #"
# # # Variable Setups
SendMailTo=`(grep 'CONTACTEMAIL ' /etc/wwwacct.conf | sed -e 's/CONTACTEMAIL //' | tr -d "\"")`
SendMailFrom="[email protected]$(grep 'HOST ' /etc/wwwacct.conf | sed -e 's/HOST //' | tr -d "\"")"
SendMailSubject="upcp log on $(grep 'HOST ' /etc/wwwacct.conf | sed -e 's/HOST //' | tr -d "\"")"
SendMailBody=`cat /var/cpanel/updatelogs/last`
( echo "To: $SendMailTo"; echo "From: $SendMailFrom"; echo "Subject: $SendMailSubject"; echo "$SendMailBody" ) | /usr/sbin/sendmail "$SendMailTo"
EXITCODE=("${PIPESTATUS[@]}")
TESTVAR="${EXITCODE[0]}"
if [ "$TESTVAR" -ne 0 ] ; then
Message01='Echo had issues: '
Message02="$TESTVAR"
CurrDateTime=$(date +"%y-%m-%d %H:%M:%S")
echo "$CurrDateTime: $Message01$Message02"
echo "$CurrDateTime: # # # Exited with Errors # # #"
exit 1
fi
TESTVAR="${EXITCODE[1]}"
if [ "$TESTVAR" -ne 0 ] ; then
Message01='Sendmail had issues: '
Message02="$TESTVAR"
CurrDateTime=$(date +"%y-%m-%d %H:%M:%S")
echo "$CurrDateTime: $Message01$Message02"
echo "$CurrDateTime: # # # Exited with Errors # # #"
exit 1
fi
CurrDateTime=$(date +"%y-%m-%d %H:%M:%S")
echo "$CurrDateTime: # # # Finished # # #"
exit
