After WHM 110.0.5 update I see 2 new users rpcuser AND nfsnobody
Hello,
Today the cPanel made an update from 108.0.15 to 110.0.5.
Through the update cPanel make a yum installation of nfs-utils. See below:
After the succesfull update to 110.0.5 I had notice that says:
And the passwd file containts:
Is that ok with that update? I don't use any RPC service or NFS. It's ok to leave it as is or I must delete users and groups? Any advice would be helpful. Thank you!
Creating directory /usr/local/cpanel/Whostmgr/Accounts/Component-cpanelsync
Starting yum execution "--assumeyes --color=never --config /etc/yum.conf install nfs-utils --enablerepo=epel".
Creating directory /usr/local/cpanel/Cpanel/NFS-cpanelsync
--> Running transaction check
---> Package nfs-utils.x86_64 1:1.3.0-0.68.el7.2 will be installed
--> Processing Dependency: gssproxy >= 0.7.0-3 for package: 1:nfs-utils-1.3.0-0.68.el7.2.x86_64
--> Processing Dependency: libnfsidmap for package: 1:nfs-utils-1.3.0-0.68.el7.2.x86_64
--> Processing Dependency: keyutils for package: 1:nfs-utils-1.3.0-0.68.el7.2.x86_64
--> Processing Dependency: libnfsidmap.so.0()(64bit) for package: 1:nfs-utils-1.3.0-0.68.el7.2.x86_64
--> Running transaction check
---> Package gssproxy.x86_64 0:0.7.0-30.el7_9 will be installed
--> Processing Dependency: libini_config >= 1.3.1-31 for package: gssproxy-0.7.0-30.el7_9.x86_64
--> Processing Dependency: libverto-module-base for package: gssproxy-0.7.0-30.el7_9.x86_64
--> Processing Dependency: libref_array.so.1(REF_ARRAY_0.1.1)(64bit) for package: gssproxy-0.7.0-30.el7_9.x86_64
--> Processing Dependency: libini_config.so.3(INI_CONFIG_1.2.0)(64bit) for package: gssproxy-0.7.0-30.el7_9.x86_64
--> Processing Dependency: libini_config.so.3(INI_CONFIG_1.1.0)(64bit) for package: gssproxy-0.7.0-30.el7_9.x86_64
--> Processing Dependency: libref_array.so.1()(64bit) for package: gssproxy-0.7.0-30.el7_9.x86_64
--> Processing Dependency: libini_config.so.3()(64bit) for package: gssproxy-0.7.0-30.el7_9.x86_64
--> Processing Dependency: libcollection.so.2()(64bit) for package: gssproxy-0.7.0-30.el7_9.x86_64
--> Processing Dependency: libbasicobjects.so.0()(64bit) for package: gssproxy-0.7.0-30.el7_9.x86_64
---> Package keyutils.x86_64 0:1.5.8-3.el7 will be installed
---> Package libnfsidmap.x86_64 0:0.25-19.el7 will be installed
--> Running transaction check
---> Package libbasicobjects.x86_64 0:0.1.1-32.el7 will be installed
---> Package libcollection.x86_64 0:0.7.0-32.el7 will be installed
---> Package libini_config.x86_64 0:1.3.1-32.el7 will be installed
--> Processing Dependency: libpath_utils.so.1(PATH_UTILS_0.2.1)(64bit) for package: libini_config-1.3.1-32.el7.x86_64
--> Processing Dependency: libpath_utils.so.1()(64bit) for package: libini_config-1.3.1-32.el7.x86_64
---> Package libref_array.x86_64 0:0.1.5-32.el7 will be installed
---> Package libverto-libevent.x86_64 0:0.2.5-4.el7 will be installed
--> Running transaction check
---> Package libpath_utils.x86_64 0:0.2.1-32.el7 will be installed
--> Finished Dependency Resolution
Installed: nfs-utils.x86_64 1:1.3.0-0.68.el7.2
Dependency Installed:
gssproxy.x86_64 0:0.7.0-30.el7_9 keyutils.x86_64 0:1.5.8-3.el7
libbasicobjects.x86_64 0:0.1.1-32.el7 libcollection.x86_64 0:0.7.0-32.el7
libini_config.x86_64 0:1.3.1-32.el7 libnfsidmap.x86_64 0:0.25-19.el7
libpath_utils.x86_64 0:0.2.1-32.el7 libref_array.x86_64 0:0.1.5-32.el7
libverto-libevent.x86_64 0:0.2.5-4.el7
Complete!
Completed yum execution "--assumeyes --color=never --config /etc/yum.conf install nfs-utils --enablerepo=epel": in 100.953 second(s).
After the succesfull update to 110.0.5 I had notice that says:
Warning: User 'rpcuser' has been added to the passwd file.
Warning: User 'nfsnobody' has been added to the passwd file.
Warning: Changes found in the group file for group 'mysyslog':
User 'rpcuser' has been added to the group
User 'nfsnobody' has been added to the group
Warning: Group 'rpcuser' has been added to the group file.
Warning: Group 'nfsnobody' has been added to the group file.
And the passwd file containts:
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
Is that ok with that update? I don't use any RPC service or NFS. It's ok to leave it as is or I must delete users and groups? Any advice would be helpful. Thank you!
-
That seems to be typical upon installation of WHM 110. It's been noted here on the forums. My recommendation would be to stop / disable RPCBIND systemctl stop rpcbind systemctl disable rpcbind I'll leave it up to you to decide if you want to do that or not. I disabled RPCBIND on my machines that updated. It's ashame that those were dependencies of nfs-utils though. 0 -
Hello and thank you for the answer. I checked if rpcbind is running and no it isn't. systemctl status rpcbind ? rpcbind.service - RPC bind service Loaded: loaded (/usr/lib/systemd/system/rpcbind.service; disabled; vendor preset: enabled) Active: inactive (dead) Also from the WHM update to 110.0.5 I don't see that package installed. Also from the yum history I see only be installed: Dep-Install gssproxy-0.7.0-30.el7_9.x86_64 @updates Dep-Install keyutils-1.5.8-3.el7.x86_64 @base Dep-Install libbasicobjects-0.1.1-32.el7.x86_64 @base Dep-Install libcollection-0.7.0-32.el7.x86_64 @base Dep-Install libini_config-1.3.1-32.el7.x86_64 @base Dep-Install libnfsidmap-0.25-19.el7.x86_64 @base Dep-Install libpath_utils-0.2.1-32.el7.x86_64 @base Dep-Install libref_array-0.1.5-32.el7.x86_64 @base Dep-Install libverto-libevent-0.2.5-4.el7.x86_64 @base Install nfs-utils-1:1.3.0-0.68.el7.2.x86_64 @updates
The question here now is it's safe the user and group that added on system?rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
Also the nfs-utils seems be a dependency package for /usr/local/cpanel/Cpanel/NFS-cpanelsync Why the WHM adds 2 more users (rpcuser AND nfsnobody) from that update? We must take any measures to secure nfs or what? I'm a bit confuse... :rolleyes: Any help appreciated! Thank you!0
Please sign in to leave a comment.
Comments
4 comments