Rise Company
30-01-2024, 00:36
حل مشكلة Add KernelCare’s Free Symlink Protection / A KernelCare update is available
HTTP Error 401: Unauthorized: https://patches.kernelcare.com
A KernelCare update is available - free Symlink Protection
Add KernelCare’s Free Symlink Protection
https://www.rise.company/upload/uploads/17065678068721.png
المشكلة :
على نظام almalinux فى Security Advisor يظهر خطا
Add KernelCare’s Free Symlink Protection / A KernelCare update is available
وبمجرد الضغط على ADD يعمل Refresh وترجع الرسالة كما كانت
وكذلك Update يظهر خطا فى الرابط وتعطيل الفايروول لم يحل المشكلة
I have just upgraded OS to Rocky8
Rocky Linux v8.9.0 STANDARD kvm
cPanel Version
116.0.10
When I run cPanel Security Advisor I get the following:
Kernel does not support the prevention of symlink ownership attacks.
You do not appear to have any symlink protection enabled through a properly patched kernel on this server, which provides additional protections beyond those solutions employed in userland. Please review the documentation to learn how to apply this protection.
Add KernelCare’s Free Symlink Protection.
This free patch set protects your system from symlink attacks. Add KernelCare’s Free Patch Set. Add KernelCare’s Free Symlink Protection. NOTE: This is not the full KernelCare product and service.
You can protect against this in multiple ways. Please review the following documentation to find a solution that is suited to your needs.
A KernelCare update is available.
You must take one of the following actions to ensure the system is up-to-date:
Patch the kernel (run “kcarectl --update” on the command line).
Update the system (run “yum -y update” on the command line), and reboot the system.
----
However, when I run the kcarectl --update in ssh, I get "downloading updates" and then "complete". When I restart the server and re-run the security advisor, I get the exact same message. It appears symlink protection has not been added.
If I click on the "Add KernelCare’s Free Symlink Protection." in whm, it navigates to "https://serveraddress:2087/cpsess7608784606/scripts13/add_kernelcare_free_symlink_protection" and just reloads the security advisor page with the same warning messages.
ايضا يظهر خطا عند ادخال امر update
https://www.rise.company/upload/uploads/170656821371221.png
kcarectl --info
No patches applied, but some are available,
run 'kcarectl --update'.
kcarectl --update
Downloading updates
HTTP Error 401: Unauthorized: https://patches.kernelcare.com/patches/K20240119_03/c843b85222f88820f3a259673ae462735ed23f09/1/kpatch.bin
حل المشكلة :
احذف kernelcare واعد تثبيتها مرة اخرى
OK I contacted Cloudlinux to get support and they told me to uninstall the kernel care
yum remove kernelcare
Then reinstall it:
curl -s https://repo.cloudlinux.com/kernelcare/kernelcare_install.sh | bash
kcarectl --set-patch-type free --update
تم تجربة هذا الحل وهو يعمل بشكل سليم 100 % مع Alma Linux
المرجع:
https://support.cpanel.net/hc/en-us/community/posts/20900516913815-Add-KernelCare-s-Free-Symlink-Protection
https://www.interserver.net/tips/kb/install-symlink-protection-patchset-for-centos-6-and-7/
https://patches.kernelcare.com/
HTTP Error 401: Unauthorized: https://patches.kernelcare.com
A KernelCare update is available - free Symlink Protection
Add KernelCare’s Free Symlink Protection
https://www.rise.company/upload/uploads/17065678068721.png
المشكلة :
على نظام almalinux فى Security Advisor يظهر خطا
Add KernelCare’s Free Symlink Protection / A KernelCare update is available
وبمجرد الضغط على ADD يعمل Refresh وترجع الرسالة كما كانت
وكذلك Update يظهر خطا فى الرابط وتعطيل الفايروول لم يحل المشكلة
I have just upgraded OS to Rocky8
Rocky Linux v8.9.0 STANDARD kvm
cPanel Version
116.0.10
When I run cPanel Security Advisor I get the following:
Kernel does not support the prevention of symlink ownership attacks.
You do not appear to have any symlink protection enabled through a properly patched kernel on this server, which provides additional protections beyond those solutions employed in userland. Please review the documentation to learn how to apply this protection.
Add KernelCare’s Free Symlink Protection.
This free patch set protects your system from symlink attacks. Add KernelCare’s Free Patch Set. Add KernelCare’s Free Symlink Protection. NOTE: This is not the full KernelCare product and service.
You can protect against this in multiple ways. Please review the following documentation to find a solution that is suited to your needs.
A KernelCare update is available.
You must take one of the following actions to ensure the system is up-to-date:
Patch the kernel (run “kcarectl --update” on the command line).
Update the system (run “yum -y update” on the command line), and reboot the system.
----
However, when I run the kcarectl --update in ssh, I get "downloading updates" and then "complete". When I restart the server and re-run the security advisor, I get the exact same message. It appears symlink protection has not been added.
If I click on the "Add KernelCare’s Free Symlink Protection." in whm, it navigates to "https://serveraddress:2087/cpsess7608784606/scripts13/add_kernelcare_free_symlink_protection" and just reloads the security advisor page with the same warning messages.
ايضا يظهر خطا عند ادخال امر update
https://www.rise.company/upload/uploads/170656821371221.png
kcarectl --info
No patches applied, but some are available,
run 'kcarectl --update'.
kcarectl --update
Downloading updates
HTTP Error 401: Unauthorized: https://patches.kernelcare.com/patches/K20240119_03/c843b85222f88820f3a259673ae462735ed23f09/1/kpatch.bin
حل المشكلة :
احذف kernelcare واعد تثبيتها مرة اخرى
OK I contacted Cloudlinux to get support and they told me to uninstall the kernel care
yum remove kernelcare
Then reinstall it:
curl -s https://repo.cloudlinux.com/kernelcare/kernelcare_install.sh | bash
kcarectl --set-patch-type free --update
تم تجربة هذا الحل وهو يعمل بشكل سليم 100 % مع Alma Linux
المرجع:
https://support.cpanel.net/hc/en-us/community/posts/20900516913815-Add-KernelCare-s-Free-Symlink-Protection
https://www.interserver.net/tips/kb/install-symlink-protection-patchset-for-centos-6-and-7/
https://patches.kernelcare.com/