cPanel & WHM update failure in upcp script
I've been coping with the following messages (sent via an e-mail with subject "cPanel & WHM update failure in upcp script") for a year and wondered if there is a better solution than running yum update manually and restarting the server.
Here's the error message detail:
2025-07-03 01:34:18 -0400] [/usr/local/cpanel/scripts/update-packages] Error:
[2025-07-03 01:34:18 -0400] [/usr/local/cpanel/scripts/update-packages] Problem: package kernel-devel-matched-5.14.0-570.24.1.el9_6.x86_64 from appstream requires kernel-core = 5.14.0-570.24.1.el9_6, but none of the providers can be installed
[2025-07-03 01:34:18 -0400] [/usr/local/cpanel/scripts/update-packages] - cannot install the best update candidate for package kernel-devel-matched-5.14.0-570.23.1.el9_6.x86_64
[2025-07-03 01:34:18 -0400] [/usr/local/cpanel/scripts/update-packages] - package kernel-core-5.14.0-570.24.1.el9_6.x86_64 from baseos is filtered out by exclude filtering
[2025-07-03 01:34:18 -0400] [/usr/local/cpanel/scripts/update-packages] (try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
[2025-07-03 01:34:18 -0400] [/usr/local/cpanel/scripts/update-packages] (XID 6vdvzx) “/usr/bin/yum” reported error code “1” when it ended:
[2025-07-03 01:34:18 -0400] E [/usr/local/cpanel/scripts/update-packages] The “/usr/local/cpanel/scripts/update-packages” command (process 822159) reported error number 1 when it ended.
I root into the server the following morning and run yum update. It either works just fine after that - no more errors - or requires a restart. Is /usr/local/cpanel/scripts/upcp unable to run a regular yum update due to some sort of exclusion?
[root@core ~]# pico /etc/yum.conf
[main]
exclude=bind-chroot dovecot* exim* filesystem p0f php* proftpd* pure-ftpd*
tolerant=1
plugins=1
gpgcheck=1
installonly_limit=3
clean_requirements_on_remove=True
best=True
skip_if_unavailable=False
minrate=50k
Running yum update manually sometimes produces this e-mail message "New Security Advisor notifications with High importance":
The system kernel is at version “5.14.0-570.22.1.el9_6.x86_64”, but the system is configured to boot version “5.14.0-570.24.1.el9_6.x86_64”. Reboot the system. If the problem persists, check the GRUB boot configuration.
Checking that:
[root@core ~]# /usr/bin/kcarectl --info
kpatch-state: patch is applied
kpatch-for: Linux version 5.14.0-570.22.1.el9_6.x86_64 (mockbuild@x64-builder02.almalinux.org) (gcc (GCC) 11.5.0 20240719 (Red Hat 11.5.0-5), GNU ld version 2.35.2-63.el9) #1 SMP PREEMPT_DYNAMIC Thu Jun 19 08:10:32 EDT 2025
kpatch-build-time: Fri Jun 20 13:53:40 2025
kpatch-description: 1-free:1751028356;5.14.0-570.23.1.el9_6
And verifying:
[root@core ~]# /usr/bin/kcarectl --update
Updates already downloaded
No updates are needed for this kernel
Kernel is safe
So I get frustrated and reboot the server late at night, which solves everything until the next update rolls around.
Any insights? Thank you.
-
Hey there! That output all looks normal to me, except the temporary failure from Yum. If "yum update" works normally the next day, it was likely just a failed update that resolved itself.
As far as the Kcare issue, if the kernel was just recently released it was likely not in the Kcare system just yet, so it didn't detect any udpates. It does take a few days, or sometimes longer, for Kcare to process the most recent udpates.
0 -
cPRex I'll try not running yum update or /usr/local/cpanel/scripts/upcp from the command line after I see an error as a test, but previously manually running either of these commands and doing a full graceful restart of the server was the only resolution.
0
Please sign in to leave a comment.
Comments
2 comments