WHy does cPanel install files owned by non-associated UID?

[wizzy420]

I was poking around /usr/local/cpanel and noticed bunches of files owned by UID 500, GID 500 when there is no user with this UID/GID

Any reason this is done?

 

[wizzy420]

bump!

wizzy

 

[cPanelKenneth]

Please provide example files/directories.

 

[wizzy420]

Please provide example files/directories.

In /usr/local/cpanel, a subset:

drwxr-xr-x 6 root root 4096 Jan 7 18:09 share
drwxr-xr-x 9 root wheel 4096 Feb 1 03:19 src
-rwxr-xr-x 1 500 500 65 Mar 23 2006 startstunnel
-rwxr-xr-x 1 500 500 60 Mar 23 2006 startup
drwxr-xr-x 5 root root 4096 Jan 7 18:09 sys_cpanel
-rwxr-xr-x 1 root root 104 Jan 26 06:05 tailwatch
-rwxr-xr-x 1 500 500 134 Mar 23 2006 uninstall
drwxr-xr-x 3 root root 4096 Jan 7 18:18 var
-rw-r--r-- 1 root root 21 Jan 26 06:05 version
drwxr-xr-x 3 root root 4096 Jan 7 18:09 vsrvmgr
-rwx------ 1 root root 2558032 Jan 26 06:05 vsrvmgrd
-rwx------ 1 root root 5399128 Jan 26 06:05 vsrvmgrqd
-rwxr-xr-x 1 500 500 465 Mar 23 2006 vstartup
drwxr-xr-x 10 root root 4096 Jan 26 06:07 whostmgr

 

[rpmws]

Please provide example files/directories.

ken this is what I was asking about in the EDGE list

 

[cPanelKenneth]

ken this is what I was asking about in the EDGE list

Correct. I suspect it's a mirror issue as one of my test servers has this, while another does not. On the test server afflicted, it didn't arise until this past weekend.

 

[rpmws]

so seen it in CentOS5 and RedHatEL5

 

[cPanelKenneth]

so seen it in CentOS5 and RedHatEL5

Are you seeing this on new installs, or just existing servers? If you change the ownership, does it revert on a upcp?

 

[cPanelKenneth]

Looks like changing the ownership is not reverted after upcp, even after upcp --force.

 

[cPanelKenneth]

The ownership mixture occurs because some updates happen via single file download, while others through tarball extraction. The tarball extraction is a recent change and results in different UID/GID combinations occurring in the /usr/local/cpanel directory and children.

We've adjusted the functionality that handles this part of the update process to ensure the ownership is properly retained.

It is safe to chown the files in question to root:root

 

[wizzy420]

Just did some looking, it appears to be these directories:

/home/.cpan/build/*
/home/virtfs/USER/checkvirtfs
/var/cpanel/perl/easy/Cpanel/Easy/*
/root/installd/*
/var/profiles/easy/apache/profile/custom/*
/scripts/*

So, you're saying that a:

find / \( -type d -o -type f \) -user 500 -exec chown root:root {} \; -ls

Should be a-ok?

In case anyone is wondering, you can look on your server like this:

find / -user 500 -ls | less