Skip to main content

Add KernelCare’s Free Symlink Protection

Comments

10 comments

  • Andrew
    Translate

    Can you go to Terminal in WHM and execute this command?

    kcarectl --info

    Andrew N. - cPanel Plesk VMWare Certified Professional
    Do you need immediate assistance? 20 minutes response time!*
    EmergencySupport - Professional Server Management and One-time Services

    0
  • WorkinOnIt


    [root@~]# kcarectl --info
    No patches applied, but some are available, run 'kcarectl --update'.
    [root@~]# kcarectl --update
    Downloading updates
    HTTP Error 401: Unauthorized: https://patches.kernelcare.com/patches/K20240119_03/c843b85222f88820f3a259673ae462735ed23f09/1/kpatch.bin
    [root@~]#

    0
  • WorkinOnIt

    OK I contacted Cloudlinux to get support and they told me to uninstall the kernel care 

    yum remove kernelcare 

    Then reinstall it:

    curl -s https://repo.cloudlinux.com/kernelcare/kernelcare_install.sh | bash
    kcarectl --set-patch-type free --update

     

    Please note that in some cases, you'll get the following message:

    'free' patch type is unavailable for your kernel

    That means that the kernel you're running has been released very recently and there are no patches yet for it. 

    I think they are very slow in supporting kernel updates.... we shall see (I am using up to date kernel)

    https://patches.kernelcare.com/

    2
  • WorkinOnIt

    This is still bugging me. 

    I can't figure out if the machine is covered against symlinks or not.

    This is what I am seeing:

    1) If I run kcarectl --update I get:

    Downloading updates
    The IP 12.3.45.6 was already used for a trial license on 2018-05-15

    2) yum remove kernelcare 

    Removed:
      kernelcare-2.85-2.el9.x86_64

    Complete!

     

    3) curl -s https://repo.cloudlinux.com/kernelcare/kernelcare_install.sh | bash

    Installed:
      kernelcare-2.85-2.el9.x86_64

    Complete!

    4) kcarectl --set-patch-type free --update

    Downloading updates
    The IP 12.3.45.6 was already used for a trial license on 2018-05-15

     

    Seems to be stuck in some kind of loop.  Security Advisor still says 

    Kernel does not support the prevention of symlink ownership attacks. 

    Add KernelCare’s Free Symlink Protection.

     

    So your assistance on this would be appreciated.

     

    0
  • cPRex Jurassic Moderator

    We'll need a ticket on this one to look into the license problem - I'm not able to do anything with licenses over the Forums, unfortunately.

    0
  • WorkinOnIt

    Hi cPRex

    It's not a license thing... we are using the free version... but it's just going around in a loop.

     

    0
  • cPRex Jurassic Moderator

    We're still going to need a ticket on this one :D - there's KernelCare, Imunify, Rocky, all talking to each other, and something is clearly not working as intended on your system or it wouldn't be taking this long to track down.

    0
  • WorkinOnIt

    Here it is:  #95279186

    0
  • cPRex Jurassic Moderator

    It looks like our team found this issue:

    https://support.cpanel.net/hc/en-us/articles/23094436295959-Security-Advisor-suggests-unavailable-free-patch-for-KernelCare-on-AlmaLinux-9

    but we were also able to confirm that your kernel itself is on the latest version with no vulnerabilities.

    0
  • WorkinOnIt

    Sorry for the cross post, I hadn't remembered this one. I opened another here: https://support.cpanel.net/hc/en-us/community/posts/25873975759895-kernel-care-free-patch-set

    > It looks like our team found this issue:

    If this is the case, why keep showing that message in WHM ?

    0

Please sign in to leave a comment.