Symptoms
An email alert was received with the following content:
Check mount with hidepid=2 option:
FAILED: Details: hidepid protection disabled.
Please, mount system with hidepid=2 for better security.
Description
The "hidepid" option is a safety mechanism to ensure users do not have access to other users' processes under the virtual mount "/proc." When this option is disabled, an alert is sent by CloudLinux advising to enable it.
Detailed information about this feature can be found here:
https://docs.cloudlinux.com/cloudlinux_os_kernel/#remounting-procfs-with-hidepid-option
Workaround
In order to stop the alert, the following options must be configured
via the /etc/sysctl.conf configuration file:
fs.proc_can_see_other_uid = 0
Once the file is changed, run the following commands to apply the configuration:
sysctl -p
/usr/share/cloudlinux/remount_proc.py
For detailed information on how to use sysctl on CloudLinux servers, please visit: How to modify sysctl settings on CentOS/CloudLinux 7