Blog

Login Register

Beta: alt-php update


PHP had been updated to newer versions in our beta repository.
Changelog:

To update:
$ yum groupupdate alt-php --enablerepo=cloudlinux-updates-testing

KernelCare for CentOS/RHEL 5 - beta

Test version of KernelCare for RHEL/CentOS 5 had been released.
You can see list of supported kernels here:
http://patches.kernelcare.com/test/

To install test version, please execute:
rpm -i http://patches.kernelcare.com/kernelcare-test.x86_64.rpm

Followed by:
kcarectl --update --test

We plan to release KernelCare to production within the next 3 days.

KernelCare - CVE-2014-3519 critical Virtuozzo/OpenVZ/PCS vulnerability patched

Critical vulnerability in Virtuozzo/OpenVZ/PCS disclosed today had been patched.


Systems wtih AUTO_UPDATE=yes (DEFAULT) in /etc/kcare/kcare.conf will automatically update, and no action is needed for them.

You can manually update the server by running:
# /usr/bin/kcarectl --update

Details:

  • CVE-2014-3519
    Fixed a critical vulnerability in the legacy simfs container filesystem (ploop is not affected) (CVE-2014-3519, PSBM-27641)

KernelCare - Updates for CL6, Virtuozzo, OpenVZ & PCS

Security patches were backported from latest RHEL kernel for CloudLinux, Virtuozzo, OpenVZ & PCS

More info could be found at:
CloudLinux patches: https://groups.google.com/forum/#!topic/kernelcare-cl6/0vn9P7V5y4A
OpenVZ/Virtuozzo/PCS: https://groups.google.com/forum/#!topic/kernelcare-vz/j87tIz0hlxA

CL6/Hybrid kernel: 2.6.32-531.17.1.lve1.2.58



Minor update to fix a bug in futexes introduced in previous version of upstream kernel.


Changelog:

To update CL6 servers:
$ yum install kernel-2.6.32-531.17.1.lve1.2.58.el6 lve-kmod-1.2-62.el6

To update Hybrid servers:
$ yum install kernel-2.6.32-531.17.1.lve1.2.58.el5h lve-kmod-1.2-62.el5h

followed by reboot.

For KernelCare.com users updates had been already applied without the need for reboot.

KernelCare - Updates for CentOS 6 & RHEL6

New updates are available for CentOS and RHEL 6. You can find more info about the update here:
https://groups.google.com/forum/#!topic/kernelcare-centos6/9PgxNo_bl2Q

We have created mailing lists/google groups to which you can signup to receive updates related to your KernelCare subscription. You can signup for the updates here: http://kernelcare.com/mailing-lists.php

Beta: alt-php update

PHP 5.6.0 beta 4 is available as part of new alt-php beta update.

Changelog:
  • PHP 5.6.0 beta 4 update (changelog)
  • better Percona Server support from alt-php
  • alt-php-magickwand bugfix
To update:
$ yum groupupdate alt-php --enablerepo=cloudlinux-updates-testing

KernelCare: CloudLinux and VZ kernel updates, older VZ kernels support

CloudLinux 2.6.32-531.17.1.lve1.2.57el6 kernel can now be patched with KernelCare to fix
futex functionallity deficiency introduced in upstream 2.6.32-042stab090.3 kernel and fixed in 042stab090.4 kernel. Older CloudLinux kernels are not affected. New CloudLinux kernel will be out in day or two.

Virtuozzo/PCS/OpenVZ kernel 2.6.32-042stab090.3 can now be patched with KernelCare to fix futex functionallity deficiency introduced in upstream 2.6.32-042stab090.3 kernel and fixed in 042stab090.4 kernel.

Older Virtuozzo/PCS/OpenVZ kernels 042stab076.7 to 042stab079.6 are now supported: http://patches.kernelcare.com/

beta: lve-utils 1.4-18.3

New minor beta update for lve-utils to remove few bugs prior to production release.

Changelog:
  • LU-94: Missing exception type
  • added conflict with lvemanager < 0.8-1.32
To update:

$ yum update lve-utils --enablerepo=cloudlinux-updates-testing

KernelCare: Stability updates for OpenVZ & Virtuozzo Kernels

Two bugfixes were released to KernelCare providers. We will continue pushing important stability improvements using KernelCare, and not limit the patches to security fixes only.

Following issues had been addressed:
  • ms ext4: fix online resize with a non-standard blocks per group setting (from vzkernel-2.6.32-042stab088.4)
  • fix for netconsole over bonding (from vzkernel-2.6.32-042stab090.2)
List of patches for particular kernel is available from: http://patches.kernelcare.com
More info at http://www.kernelcare.com

Beta: lve-utils 1.4-18.1

New beta version of LVE utils fixes calculation of speed parameter when converting from old method, that used NCPU & CPU options.
We hope it will be last beta, before production release.

To update:
$ yum update lve-utils --enablerepo=cloudlinux-updates-testing

Fix for CVE-2014-3153 vulnerability: new kernels 2.6.32-531.17.1.lve1.2.57 for CL6 & Hybrid

New CL6 and hybrid kernels 2.6.32-531.17.1.lve1.2.57 fixes local vulnerability CVE-2014-3153.
We will provide more details on the exploit itself, once it is publish to general public by MITRE CVE Dictionary

CL5 kernels are not vulnerable.

To update CL6 servers:
$ yum install kernel-2.6.32-531.17.1.lve1.2.57.el6 kmod-lve-1.2-61.el6

To update hybrid servers:
$ yum install kernel-2.6.32-531.17.1.lve1.2.57.el5h kmod-lve-1.2-61.el5h

Followed by reboot.

KernelCare customers should be secured already by a patch released about 14 hours ago.

KernelCare - CVE-2014-3153 - another vulnerability patched

Patches for CVE-2014-3153 is available for CentOS, RHEL, CloudLinux & OpenVZ kernels. There is no exploit code available today from what we know, but it is possible that it will appear in the public any day now, and might be already sold on relavent forums.
We will provide more details on the exploit itself, once it is publish to general public by MITRE CVE Dictionary

There is no kernels yet for CentOS, RHEL & CloudLinux that fix this vulnerability. OpenVZ released updated kernel yesterday night. We plan to release updated kernel on Monday.

KernelCare customers can enjoy the safety right now.

Alt-php update

Updates for alt-php are moved to our production channels

Changelog:
To update:
$ yum groupupdate alt-php

CL6/Hybrid kernel 2.6.32-531.17.1.lve1.2.56 moved to production

New kernel has been moved to production

Changelog:
To update CL6 servers:
$ yum install kernel-2.6.32-531.17.1.lve1.2.56.el6 kmod-lve-1.2-60.el6

To update hybrid servers:

$ yum install kernel-2.6.32-531.17.1.lve1.2.56.el5h kmod-lve-1.2-60.el5h

KernelCare had already delivered security updates available int this kernel, but new patch were issued to match effective kernel version.

KernelCare RPM bugfix

New version of kernelcare RPM had been released. Old version had a bug in a way it run depmod on kcare module, that could cause network module not to boot on reboot. To solve the issue:

$ yum clean all
$ yum update kernelcare

The issue affected only kernelcare-0.9-1 version of RPM. kernelcare-0.9-2 fixes the issue.

Beta: New CL6/Hybrid kernel kernel-2.6.32-531.17.1.lve1.2.56

New kernel is available from our updates-testing repositories.

Changelog:
To update CL6 servers:
$ yum install kernel-2.6.32-531.17.1.lve1.2.56.el6 kmod-lve-1.2-60.el6 --enablerepo=cloudlinux-updates-testing

To update hybrid servers:
$ yum install kernel-2.6.32-531.17.1.lve1.2.56.el5h kmod-lve-1.2-60.el5h --enablerepo=cloudlinux-hybrid-testing

Beta: alt-php update

Updates for alt-php are available from our updates-testing repository.

Changelog:
To update:
$ yum groupupdate alt-php --enablerepo=cloudlinux-updates-testing

Beta: MySQL Governor 1.0-60

New beta version of MySQL Governor is available.

Changelog:
  • don't create empty stats files when there is no activity
  • dbupdate support for cPanel 11.43
  • added account aname as default user in dbuser-map (if no db user set for an account)
  • check for MySQL-python package on install
  • support fro new lvectl format
  • installation bug fixes.
To install:
http://docs.cloudlinux.com/index.html?installation3.html

To update:
$ yum update governor-mysql --enablerepo=cloudlinux-updates-testing
$ /usr/share/lve/dbgovernor/mysqlgovernor.py --install

KernelCare key based registration for NAT & Dynamic IPs


Servers behind NAT (with one IP) and those using Dynamic IPs have a natural probem with IP based licenses. To solve that, we are releasing KEY based registration for such servers. This is needed only if you cannot or don't want to use IP based registration.

The registration process is simple:
$ kcarectl --register KEY

You can limit number of servers attached to the key (and give the key to your customer). Customer can also move the registration from server to server, by unregistring one server, and registering another. To unregister server - cutomer would use:
$ kcarectl --unregister

This is available to all KernelCare partners now

Beta: CageFS, LVE Manager, LVE Utils and LVE Stats updated

New beta versions of cagefs 5.2-36, lvemanager 0.8-1.32, lve-utils 1.4-18, lve-stats 0.10-31, python-cllib 1-19 are available from our updates-testing repository.
Those are mostly bugfixes for previous beta verson.

Changelog:

cagefs 5.2-36
  • CAG-294: add /usr/local/awstats/wwwroot/cgi-bin read-only mountpoint for DirectAdmin
  • CAG-289: CageFS User Manager for DirectAdmin under other admin accounts
  • CAG-293: cagefslib.py: strip trailing slash in function is_path_in_exclusions (if needed)
  • CAG-291: configure cagefs for postgresql correctly when /etc/sysconfig/postgres does not exist
  • CAG-295: add PING=/bin/ping to proxy.commands
lvemanager 0.8-1.32

  • LVEMAN-174: list of modules for selected php version is empty for existent user
  • LVEMAN-168: In cPanel when switching to a native version generates an error "php version is incorrect"
  • LVEMAN-160 fix: security CageFS bypass in DirectAdmin plugin found by Stieven Craig
  • LVEMAN-148 fix: DirectAdmin: add lines to /etc/sudoers for all admins
  • LVEMAN-153: cl-quota process mounts correctly
  • LVEMAN-158: ISPmanager can't use package name with quotas
lve-utils 1.4-18
  • LU-88: lvectl package-set doesn't set --pmem parameter
  • LU-87: bugfix for lvemanager (rus symbols in package names) for ISPmanager
  • LU-86: lvectl package-delete doesn't remove packages with russians symbols from /etc/container/ve.cfg on ISP
  • LU-77 additional fix: add functions to detect all admin users and user type in DirectAdmin
  • LU-85: lvectl do not accept decimal separator for vmem value
  • LU-77 fix: add functions to detect all admin users and user type in DirectAdmin
  • LU-84: getcontrolpackages show packages with space in it on ISP wrong
  • LU-83: lvect package-set can`t create package with russian name
  • LU-82: display warning "--cpu option had been deprecated, use --speed instead" instead of error
  • LU-81: remove max value of speed from lvectl --help
lve-stats 0.10-31

  • LVESTATS-33: bugfix for lveinfo --dbgov --from --to any options located after --to are ignored
  • LVESTATS-34: fix SQLite database is locked issue
  • LVESTATS-32: bugfix for dbgovchart with --period parameter
  • LVESTATS-20: retrieve LVE info from REDIS like HGET "testlveid.net" "domains.com:Domain:lveid" 10000)
  • LVESTATS-19: error while reading lve_version from database on package update
  • LVESTATS-24: Incorrect units produced by dbgovchart (KB/s instead MB/s)
  • LVESTATS-30: Added check if the faulted-user is present in cPanel
  • LVESTATS-31: statsnotifer: do not print error when CPanel is not installed, just do nothing

python-cllib 1-19
  • PTCLLIB-13: clsudo.py: add ability to process multiple users
  • PTCLLIB-12: memory_to_page func can't convert float numbers
  • PTCLLIB-11: Bugfix for lvectl list and user-list
  • PTCLLIB-10: add roundig in page_to_memory func
  • PTCLLIB-9: Add clconfpars (for parsing simple cofig files "key=val";)
  • PTCLLIB-8: clfunc.py: added reload_processes() function
To update:
$ yum update cagefs lvemanager lve-stats lve-utils --enablerepo=cloudlinux-updates-testing

CloudLinux initial support for OpenVZ and Virtuozzo

Limited support for OpenVZ and Virtuozzo had been added to CloudLinux. This is an early beta, so be careful testing it. It might cause server crashes - even though at this moment there is no known bugs.

The support is limited, and covers only:
  • CageFS
  • PHP Selector
  • max entry processes

Deployment instructions can be found at:
http://docs.cloudlinux.com/index.html?virtuozzo_and_openvz.html

Other things, like CPU, Memory, IO limits and MySQL governor, are currently not supported. In the next few months we will work on making sure UI elements in cPanel and other control panels correctly display only supported components.

After that we will try to tackle CPU limits, followed by Memory and IO limits. Due to the nature of those limits - it is not a simple task and might take us a long period of time to implement.

Additional kernels are now supported by KernelCare

We have added for a range of older kernels by KernelCare. The following kernels were added:
RHEL/CentOS 6:
Processing kernel-2.6.32-279.2.1.el6
Processing kernel-2.6.32-279.11.1.el6
Processing kernel-2.6.32-279.9.1.el6
Processing kernel-2.6.32-279.5.1.el6
Processing kernel-2.6.32-279.14.1.el6
Processing kernel-2.6.32-279.22.1.el6
Processing kernel-2.6.32-279.5.2.el6
Processing kernel-2.6.32-279.19.1.el6


CloudLinux 6
Processing kernel-2.6.32-379.22.1.lve1.2.17.el6
Processing kernel-2.6.32-379.22.1.lve1.2.17.1.el6


To see full list of supported kernels: http://patches.kernelcare.com

Getting Ready for HostingCon.China

Different PHP versions per directories using PHP Selector

We had few requests to support different PHP versions per directory. While this is not available using PHP Selector UI, it is fairly simple to do manually.

The important requirement is that PHP must be set to be running in SuPHP mode. We are soon to release our own PHP module for Apache - that would also support such mode of operation. Tested with cPanel however it will work on any other server.

Here is quick how-to:

1. Configure handlers for different versions and point them to already provided php-cgi binaries, they all are visible from CageFS inside. Add the following section to the end of /opt/suphp/etc/suphp.conf :
Quote
application/x-httpd-php52="php:/opt/alt/php52/usr/bin/php-cgi"
application/x-httpd-php53="php:/opt/alt/php53/usr/bin/php-cgi"
application/x-httpd-php54="php:/opt/alt/php54/usr/bin/php-cgi"
application/x-httpd-php55="php:/opt/alt/php55/usr/bin/php-cgi"
application/x-httpd-php56="php:/opt/alt/php56/usr/bin/php-cgi"


3. Add suphp handlers for each version, this should be done before other configs. On cPanel server, edit /usr/local/apache/conf/includes/pre_main_global.conf and add following section:
Quote
<Directory />
suPHP_AddHandler application/x-httpd-php52
suPHP_AddHandler application/x-httpd-php53
suPHP_AddHandler application/x-httpd-php54
suPHP_AddHandler application/x-httpd-php55
suPHP_AddHandler application/x-httpd-php56
</Directory>

3. Restart apache.

That’s it, now apache understand what binary should be used for different mime types. To use desired version in a particular directory, just add a line to .htaccess in that directory (or create .htaccess file with that line, if it is not there).

For example for php5.4, add the following line will be:
Quote
AddHandler application/x-httpd-php54 .php .php5

Subdirectories will be will use the same PHP version as parent … unless you override it with another .htaccess entry in that subdirectory.

PHP extensions selection will match extensions selected by end user for that PHP version in PHP Selector.

This is not an ‘officially’ supported way to run multiple PHP per account, but it is a safe hack that will work for anyone using suPHP.

Pages: Prev. | 1 | 2 | 3 | 4 | 5 | ... | 21 | Next