Updating and port 37

Simon Blackburn

• May 26, 2025 09:01

I got an email this morning from a WHM update failure. The errors are “ [2025-05-26 07:54:18 +0000] E [/usr/local/cpanel/scripts/rdate] Can't connect to rdate.cpanel.net:37 Connection refused [2025-05-26 07:54:18 +0000] E [/usr/local/cpanel/scripts/rdate] The “/usr/local/cpanel/scripts/rdate” command (process 929753) reported error number 111 when it ended.” I have checked and port 37 is open as it 53 which I believe is a work around so I don’t know why it never updated. I have added googles nameservers to my resolv.conf, I didn’t replace the Nameserver that was already there though, just added two new ones, so advice on that is needed. I will say I originally had CSF installed but I was getting regular Emails about suspicious process running and couldn’t turn them off so I uninstalled it temporarily. Does anyone have any ideas why this could be?

• 

  quietFinn

  • May 26, 2025 11:52

  What happens if you do this in command line:
  telnet rdate.cpanel.net 37

  It should be like this:
  [root@srv ~]# telnet rdate.cpanel.net 37
  Trying 208.74.121.43...
  Connected to rdate.cpanel.net.
  Escape character is '^]'.
  ▒▒▒PConnection closed by foreign host.
  
  
  

  0
• 

  Simon Blackburn

  • May 26, 2025 11:59

  I get

  Bash: telnet: command not found

  0
• 

  Simon Blackburn

  • May 26, 2025 12:06

  I don’t think rdate is installed. Another check returned that Chrony is installed but how do I get it to use Chrony instead of rdate.

  0
• 

  quietFinn

  • May 26, 2025 12:24

  Install telnet:
  yum install telnet

  and try again.

  The error message you get suggests that your server can't connect to rdate.cpanel.net

   

  0
• 

  Simon Blackburn

  • May 26, 2025 12:29

  telnet rdate.cpanel.net 37
  Trying 208.74.123.15.
  -elnet: connect to address 208.74.123.15: Connection ret
  Trying 208.74.121.36.
  telnet: connect to address 208.74.121.36: Connection ref
  Trying
  208.74.123.23...
  telnet: connect to address 208.74.123.23: Connection ref
  Trying 208.74.121.43..
  telnet: connect to address 208.74.121.43: Connection ref Used

  0
• 

  Simon Blackburn

  • May 26, 2025 12:29

  That should say refused not ref used.

  0
• 

  quietFinn

  • May 26, 2025 12:37

  https://support.cpanel.net/hc/en-us/articles/4414037344535-rdate-reports-an-error-when-upcp-runs
  
  

  "The rdate script adjusts the system clock on servers not running an NTP daemon. The errors occur when the server is unable to contact rdate.cpanel.net on TCP port 37. This can occur if the server is unable to resolve rdate.cpanel.net or if outbound TCP port 37 is blocked."

   

  0
• 

  Simon Blackburn

  • May 26, 2025 12:55

  I know port 37 isn’t blocked.

  Do I need rdate if I have Chrony installed and running?

  0
• 

  quietFinn

  • May 26, 2025 14:33

  I closed port 37 and this is what I get:

  [root@vps1 log]# telnet rdate.cpanel.net 37
  Trying 208.74.123.15...
  telnet: connect to address 208.74.123.15: Connection refused
  Trying 208.74.121.36...
  telnet: connect to address 208.74.121.36: Connection refused
  Trying 208.74.123.23...
  telnet: connect to address 208.74.123.23: Connection refused
  Trying 208.74.121.43...
  telnet: connect to address 208.74.121.43: Connection refused
  
  

   

  0
• 

  Simon Blackburn

  • May 26, 2025 14:37

  I did a check earlier and it said it was open. I’ll reinstall CSF and see what it says then. Thanks.

  0
• 

  Simon Blackburn

  • May 27, 2025 14:11

  I've installed CSF again and configured it. Port 37 is open for TCP_OUT. 
  
  I've ran telnet rdate.cpanel.net 37 again and it still cannot connect.

  0
• 

  cPRex Jurassic Moderator

  • May 27, 2025 14:31

  It's also possible the port is blocked outside of your server so if you confirm things are working will in CSF you may need to speak with your host.

  0
• 

  dexus

  • August 06, 2025 09:29

  We actually don't need this rdate script. This archaic script is not updated for EL7+ servers, so it is not checking for chrony service, only ntp, which is replaced with chrony a long time ago, and this script is just making problems because of harsh time changes on all servers every day...

  systemd-journald[312416]: Time jumped backwards, rotating.

  For example, we are losing journal logs al most every day, on all servers, because of this script.

  @cPanel Please open a bug for this and fix this script to not update time if chrony is running.

   

  0
• 

  dexus

  • August 06, 2025 09:38

  As a temporary solution we can just do this on all cPanel servers that have chronyd service running...

  mv /usr/local/cpanel/scripts/rdate /usr/local/cpanel/scripts/rdate.bak
  ln -s /bin/true /usr/local/cpanel/scripts/rdate

   

  1
• 

  cPRex Jurassic Moderator

  • August 07, 2025 14:49

  dexus - it sounds like there is something else happening on your machine that is causing the time to drift, as I don't have see any other issues or complaints with the rdate script at this time.  Would you be able to submit a ticket so this can be investigated directly on the server?

  1
• 

  Simon Blackburn

  • August 07, 2025 14:52

  I took a snapshot of my server and reinstalled everything from scratch. Thanks for everyone’s help. Don’t know why the original installation was corrupted, it was all done via SSH.

  0
• 

  cPRex Jurassic Moderator

  • August 07, 2025 14:53

  Simon Blackburn- glad to hear things are working well now!

  1
• 

  dexus

  • August 08, 2025 12:46
  • Edited

  cPRex We have the same issue on all servers, at exact time when rdate is run, and also after "replacing" rdate script, as I suggested, there is no such issue, so it is 100% the cause for the issue.

  Anyway that script is made for use on CentOS 6 and older OS versions, and it must be updated to also check if chronyd is running, like it does for ntpd, and exit if ntpd is running. It should do the same for chrony.

  It does not make sense to use rdate to update time on servers that have chronyd running.

   

  0
• 

  cPRex Jurassic Moderator

  • August 08, 2025 15:47

  dexus - can you submit at ticket about this?  I don't have any other similar reports of this causing an issue so we'd likely need to see it in action on one of your affected systems before we could say for sure what is happening.

  0
• 

  dexus

  • August 11, 2025 07:59

  Sorry, I don't have time for that, and there is really nothing to be checked on server. Such time related issues are expected when using rdate on newer OS. That is just how rdate works, because it was made for OS before journalctl and chrony and it is unfortunately still in production.

  That script is for CentOS 6 and older OS versions, and it is not updated to check for chrony.

  Just discuss this with any of your senior system engineers or developers.

   

  0

Please sign in to leave a comment.