حل مشكلة Add KernelCare’s Free Symlink Protection / A KernelCare update is available

[Rise Company]

حل مشكلة Add KernelCare’s Free Symlink Protection / A KernelCare update is available
HTTP Error 401: Unauthorized: https://patches.kernelcare.com
A KernelCare update is available - free Symlink Protection
Add KernelCare’s Free Symlink Protection



المشكلة :

على نظام almalinux فى Security Advisor يظهر خطا
Add KernelCare’s Free Symlink Protection / A KernelCare update is available
وبمجرد الضغط على ADD يعمل Refresh وترجع الرسالة كما كانت
وكذلك Update يظهر خطا فى الرابط وتعطيل الفايروول لم يحل المشكلة

I have just upgraded OS to Rocky8
Rocky Linux v8.9.0 STANDARD kvm
cPanel Version
116.0.10

When I run cPanel Security Advisor I get the following:

Kernel does not support the prevention of symlink ownership attacks.

You do not appear to have any symlink protection enabled through a properly patched kernel on this server, which provides additional protections beyond those solutions employed in userland. Please review the documentation to learn how to apply this protection.

Add KernelCare’s Free Symlink Protection.

This free patch set protects your system from symlink attacks. Add KernelCare’s Free Patch Set. Add KernelCare’s Free Symlink Protection. NOTE: This is not the full KernelCare product and service.

You can protect against this in multiple ways. Please review the following documentation to find a solution that is suited to your needs.

A KernelCare update is available.

You must take one of the following actions to ensure the system is up-to-date:

• Patch the kernel (run “kcarectl --update” on the command line).
• Update the system (run “yum -y update” on the command line), and reboot the system.

----
However, when I run the kcarectl --update in ssh, I get "downloading updates" and then "complete". When I restart the server and re-run the security advisor, I get the exact same message. It appears symlink protection has not been added.

If I click on the "Add KernelCare’s Free Symlink Protection." in whm, it navigates to "https://serveraddress:2087/cpsess7608784606/scripts13/add_kernelcare_free_symlink_protection" and just reloads the security advisor page with the same warning messages.

ايضا يظهر خطا عند ادخال امر update

كود:

 
kcarectl --info

No patches applied, but some are available,
run 'kcarectl --update'.

kcarectl --update

Downloading updates
HTTP Error 401: Unauthorized: https://patches.kernelcare.com/patch...9/1/kpatch.bin


حل المشكلة :
احذف kernelcare واعد تثبيتها مرة اخرى

OK I contacted Cloudlinux to get support and they told me to uninstall the kernel care

كود:

yum remove kernelcare

Then reinstall it:

كود:

curl -s https://repo.cloudlinux.com/kernelca...are_install.sh | bash
kcarectl --set-patch-type free --update

تم تجربة هذا الحل وهو يعمل بشكل سليم 100 % مع Alma Linux

المرجع:
https://support.cpanel.net/hc/en-us/...ink-Protection
https://www.interserver.net/tips/kb/...entos-6-and-7/

https://patches.kernelcare.com/