Blog

Login Register

New CL5 kernel with fix for CVE-2014-9322

New kernel 2.6.18-498.el5.lve0.8.80 is available for CloudLinux 5.x

Changelog:
  • Fix for CVE-2014-9322
To update:
$ yum install kernel-2.6.18-498.el5.lve0.8.80

If you use KernelCare - patch will be ready in production by tomorrow morning. If you want to test the patch now, you can do it by running:
$ kcarectl --update --test

CL6 / Hybrid kernel update 2.6.32-531.29.2.lve1.3.11.1 fixes CVE-2014-9322

New kernel for CL6/Hybrid available for stable channel. The kernel fixes local privilege escalation vulnerability CVE-2014-9322. Everyone is recommended to update.

Changelog:
  • Fix for CVE-2014-9322
  • Fix in memory management should improve NFS performance
To update CL6 servers run:
$ yum install kernel-2.6.32-531.29.2.lve1.3.11.1.el6

To update hybrid servers run:
$ yum install kernel-2.6.32-531.29.2.lve1.3.11.1.el5h

KernelCare patch that fixes CVE-2014-9322 issue had been released. If you would like to get KernelCare subscription, you can order it from your cln.cloudlinux.com account

KernelCare local privilege escalation patch for PCS/OpenVZ/CL6/CL5h/CentOS6/RHEL6 CVE-2014-9322

This update includes patch for CVE-2014-9322 vulnerability. I am sorry about unusual delay with this patch. This patch was the most complex patch we have seen so far. It was in assembler code, while most patches are in C. It was altering how interrupt handlers work. It is highly unusual, and there were no such security patches in the past 3 years. We had to add special handing to our patch generation software to accommodate for that, and it took as significant amount of time to get there. While we started more then 24 hours before (4 days ago) any vendors released updated kernels, it is only now that we have a working patch. From now on we should be able to handle such patches with ease.

Systems with AUTO_UPDATE=True (DEFAULT) in /etc/sysconfig/kcare/kcare.conf will automatically update, and no action is needed for them.



You can manually update the server by running:
# /usr/bin/kcarectl --update


CVEs: CVE-2014-9322 CVE-2014-6410 CVE-2012-6657 CVE-2014-5471, CVE-2014-5472


Details:
  • CVE-2014-9322 x86: local privesc due to bad_iret and paranoid entry incompatibility
    A flaw was found in the way the kernel handled GS segment register base switching when recovering from a #SS (stack segment) fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system.
  • CVE-2012-6657 net: guard tcp_set_keepalive against crash
    It was found that the kernel's networking implementation did not correctly handle the setting of the keepalive socket option on raw sockets. A local user able to create a raw socket could use this flaw to crash the system.
  • CVE-2014-5471 isofs: unbound recursion when processing relocated directories
    It was found that the parse_rock_ridge_inode_internal() function of the kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the system or, potentially, escalate their privileges on the system.
  • CVE-2014-5472 isofs: unbound recursion when processing relocated directories
    It was found that the parse_rock_ridge_inode_internal() function of the kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the system or, potentially, escalate their privileges on the system.

  • CVE-2014-6410 udf: Avoid infinite loop when processing indirect ICBs
    A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's Universal Disk Format (UDF) file system implementation processed indirect Information Control Blocks (ICBs). An attacker with physical access to the system could use a specially crafted UDF image to crash the system.

KernelCare CVE-2014-9322 patch

Update: The patch has been released on Dec 18, 2014 at 1pm ET. You can read more about it here: http://www.cloudlinux.com/blog/clnews/kernelcare-local-privilege-escalation-patch-for-pcsopenvzcl6cl5hcentos.php

We have received numerous requests for CVE-2014-9322 patch. Right now we are running burn in tests that should finish in a few hours. This patch was the most complex patch so far. It was in assembler code, while most patches are in C, and it was altering how interrupt handlers work. It is highly unusual, and there were no such security patches in the past 3 years. We had to add special handing to our patch generation software to accommodate for that, and it took as significant amount of time to get there. While we started more then 24 hours before (4 days ago) any vendors released updated kernels, it is only now that we have a working patch. From now on we should be able to handle such patches with ease.

If you want to test the patch now, please, run (there is a slight chance of crash, as it burn in tests are yet to finish):
$ kcarectl --update --test

Or wait -- and within next 2-6 hours your system should get updated.

Bugfix release: OptimumCache 0.2-15

New version of OptimumCache 0.2-15 comes out with performance fixes and usability improvements.

Changelog:

OptimumCache 0.2-15

‘occtl --mark-dir…’ and ‘occtl --check...’ commands are now limited in resource consumption, thanks to LVE. Default limits are: 5MB/s for IO and 50% of one CPU core. To override those, one can edit appropriate settings in /etc/sysconfig/optimumcache:

# occtl --mark-dir or --check operations IO limit, MB/s, default is 5 MB/s
# OCCTL_LVE_IO_LIMIT=5

# occtl --mark-dir or --check operations %cpu limit, default is 50% of one CPU core
# OCCTL_LVE_SPEED_LIMIT=50

# Lve ID to associate limits with
# LVEID=5

To ignore these limits, just supply the command with switch ‘--no-lve-limits’ like:

occtl --mark-dir /home --recursive --no-lve-limits

Due to the limits, these command execution time will be scaled appropriately. Thus, the optimal way of spawning it will be via ‘nohup’:

nohup occtl --mark-dir /home --recursive &

To update run:

# yum update optimumcache --enablerepo=cloudlinux-updates-testing

Beta: Alt-PHP updated

New updates for Alt-PHP are available for beta channel.

Changelog:
  • alt-php*-ioncube-loader updated to 4.7.2;
  • alt-php*-phalcon updated to 1.3.4;
  • add PEAR packages: Net_Socket, Auth_SASL, Net_SMTP 44 & alt-php 51.
To update run:
$ yum groupupdate alt-php --enablerepo=cloudlinux-updates-testing

Bugfix release: OptimumCache 0.2-14

New version of OptimumCache 0.2-14 is available from our updates-testing repository. New OptimumCache is a bugfix release to address stability and memory consumption issues that were detected on some deploys.

Changelog:

OptimumCache 0.2-14
  • fixed up excessive memory usage for ‘occtl --check’ and really big ‘/home/’, ‘/home1/’, ‘/home2’... directory. Memory consumption will not grow during the tool invocation;
  • cannot create ploop image on first install problem fixed;
  • crash due to signal SIGBUS caught problem fixed;
  • added skipmask to ignore files under /home2, /home3 etc.
The mask to exclude from cache all hidden files was added:

# occtl --list-skip-mask
idtagregex
----------------------------------
1all_dot_files/\...*
2cpanel ^/home/cPanelInstall
3cpanel ^/home/cpeasyapache
4cpanel ^/home/aquota
5cpanel ^/home/jailshell
6cpanel ^/home/[^/]+/mail$
7cpanel ^/home/[^/]+/mail/.*
8cpanel ^/home/[^/]+/logs$
9cpanel ^/home/[^/]+/logs/.*
10cpanel ^/home/[^/]+/\.cpanel$
11cpanel ^/home/[^/]+/\.cpanel/.*
12cpanel ^/home/[^/]+/\.cagefs
13cpanel ^/home/[^/]+/\.cagefs/.*
14cpanel ^/home/virtfs
15cpanel ^/home/virtfs/.*
16home_special^/home/\..+
17quota^/home/quota.user$
To update run:

# yum update optimumcache --enablerepo=cloudlinux-updates-testing

Beta: MySQL-Governor 1.0-78 with MariaDB 10.1.1

New version of MySQL Governor with MariaDB support is available from our beta repository. New version adds new MariaDB 5.5.40 support:

Changelog:
  • added support for MariaDB 10.1;
  • fixed error with iolimit for CL5;
  • added reseting of statistics on restrict;
  • fixed dbuser map file for DA error;
  • updated MariaDB55 up to 5.5.40.
To update

$ yum update governor-mysql --enablerepo=cloudlinux-updates-testing
$ /usr/share/lve/dbgovernor/mysqlgovernor.py --install

To install, follow: http://docs.cloudlinux.com/index.html?installation3.html

To switch to MariaDB 10.1
$ /usr/share/lve/dbgovernor/db-select-mysql --mysql-version=mariadb101
$ /usr/share/lve/dbgovernor/mysqlgovernor.py --install-beta

Updated MariaDB packages up to 5.5.40 with fix for decreasing LA when used huge MyISAM tables. For installation new MariaDB 5.5.40 use such commands:

$ /usr/share/lve/dbgovernor/db-select-mysql --mysql-version=mariadb55
$ /usr/share/lve/dbgovernor/mysqlgovernor.py --install-beta

KernelCare support for Debian 7 added

Debian 7 (64bit) was added to the list of supported Linux distributions.
We now support:
RHEL/CentOS 5, 6 & 7
CloudLinux 5, 6, 5hybrid
Debian 6, 7

We plan to add Ubuntu support in the next few weeks.

Beta: CL6/Hybrid kernel 2.6.32-531.29.2.lve1.3.11

New beta kernel for CL6/Hybrid is available. This kernel fixes an issue with memory manager that should significantly improve NFS performance on systems with large number of LVEs.

Changelog:
To install new kernel run:

To update CL6 servers:
yum install kernel-2.6.32-531.29.2.lve1.3.11.el6 lve-kmod-1.3-11.el6 --enablerepo=cloudlinux-updates-testing

To update Hybrid servers:
yum install kernel-2.6.32-531.29.2.lve1.3.11.el5h lve-kmod-1.3-11.el5h --enablerepo=cloudlinux-hybrid-testing

Beta: lvemanager updated

New updates for our LVE Manager (version 0.8-1.47.12) are available from our beta repository.

Changelog:

LVE Manager 0.8-1.47.12

  • LVEMAN-278: icon added for "Selectl PHP Version" option in Paper Lantern theme on new installation of CPanel 11.46;
  • LVEMAN-275: "Select PHP Version" option is available on new installation of CPanel 11.46;
To update run:

yum update lvemanager --enablerepo=cloudlinux-updates-testing

Beta: liblve updated

New update for liblve (version 1.3-1.4) is available from our beta repository. The fix solves the problem of creating unnecessary extra threads on CloudLinux 5.

Changelog:

liblve 1.3-1.4
  • Fix creation of unnecessary threads on CL5.
To update run:
$ yum update lve liblve liblve-devel --enablerepo=cloudlinux-updates-testing

File Cache with OptimumCache


OptimumCache (beta version currently) is a component which handles duplicate files in the way that they are loaded just once from filesystem cache. By doing that, system bypasses disk IO, significantly improving the speed of reading that file, while lowering load on the hard disk.

OptimumCache can run with ploop or without. Ploop is a disk block device that is mounted as /var/cache/optimumcache image file. Ploop is not available in kernel version under lve 1.2.55, thus OptimumCache can work without ploop on older version kernel. In this case cache files get directly
into /var/cache/optimumcache/.

Ploop image file /var/share/optimumcache/optimumcache.image is mounted in /var/cache/optimumcache/, so the directory structure remains the same. The main advantage of ploop is that you can set it's size which won't be exceeded.

Usualy 'occtl --mark-dir /home --recursive' process takes a long time, as the major task is to go through all the files in specified directory and subdirectories, check sha1sum of each of them and set the necessery attribute.

E.g.:

# sha1sum /home/cltest3/public_html/i.php
3dd4d2639a035a9c311b50bced7b711655360351 /home/cltest3/public_html/i.php

# getfattr -d -m pfcache /home/cltest3/public_html/i.php
trusted.pfcache="3dd4d2639a035a9c311b50bced7b711655360351"

sha1 hash is used here to place file in cache directory, in the example above it will be placed in
/var/cache/optimumcache/3d/d4d2639a035a9c311b50bced7b711655360351

(where the first two symbols mean directory and the next goes file name).

Files with the same content get the same sha1sum:

# sha1sum i.php
3dd4d2639a035a9c311b50bced7b711655360351 i.php

# cat i.php
<? phpinfo() ?>

# sha1sum m.php
3dd4d2639a035a9c311b50bced7b711655360351 m.php

which means that finally both will lead to the same cached file:

# cat /var/cache/optimumcache/3d/d4d2639a035a9c311b50bced7b711655360351
<? phpinfo() ?>



In OptimumCache v0.2 the automark is used. Its attribute is set in the directory so as the file is changed or the new file is created, the needed attribute will be automatically assigned to it. To check if automark works in the directory run:

# getfattr -d -m pfcache /home/cltest3/public_html/
trusted.pfcache="auto"

There is a list of directories that do not work with mark/automark, you can check it via occtl --list-skip-mask. These are quote files, cPanel service files, user mail files.

To check cache use statistics run:

# optimumcache stat /home/
csums: 29576 (38.5%)
fetched uncached cached
inodes: 76907 25416 51491 (67.0%)
size: 4171982 2751344 1420638 (34.1%)
RAM: 701648 85872 615776 (87.8%)

where:

csums is number of unique files (control sums), 38,5% - their percentage from total files count (in /home);
fetched - number of records marked;
uncached - number of items not cached;
cached - number of items cached (with percentage).

Lower value of csums means higher amount of similar files, which means better performance.

Note: On live systems it is unlikely possible to reach percentage lower than 25% due to different files/CMS used, number of content uploaded by customers, number of emails in mailboxes, etc.

Find all the necessery information on OptimumCache here http://docs.cloudlinux.com/index.html?optimumcache.html

Beta: mod_lsapi 0.1-85

New beta version of mod_lsapi (0.1-85) is now available from our updates-testing repository.

Changelog:
  • added creation of after_apache_make_install hook if not exists (cPanel rebuild issue);
  • added mod_lsapi rebuild to after_apache_make_install hook (cPanel rebuild issue);
  • 302 Moved Temporarily instead of 302 Found;
  • chrome 302 issue fix;
  • tmpfile and tmpnam removed (security issue).
To update run:

cPanel:
$ yum update liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing
$ yum update cpanel-mod-lsapi --enablerepo=cloudlinux-updates-testing

DirectAdmin:
$ yum update liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing
$ cd /usr/local/directadmin/custombuild
$ ./build update
$ ./build mod_lsapi

RPM based:
$yum update liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing
$yum update mod_lsapi --enablerepo=cloudlinux-updates-testing

More info:
http://docs.cloudlinux.com/index.html?installation_mod_lsapi.html

Alt-php updated

New release of alt-php had been uploaded to production channels.

Changelog:

To update run:

$ yum groupupdate alt-php

Bugfix release: OptimumCache 0.2-10

New version of OptimumCache 0.2-10 is available from our updates-testing repository. New OptimumCache is a bugfix release to address performance issues mainly that were detected on some deploys.

What is included in this release?

Fix for high CPU consumption issue

At some deploys, where number of inodes for mount point, that was added for caching, reached almost 2M, OptimumCache used to take 1 CPU core busy with 100% load, from time to time, with timeout of 5s between usage peaks.

How to check number of inodes:

# df -i /home
Filesystem Inodes IUsed IFree IUse% Mounted on
/dev/mapper/sys3msT-root
52148272 1995531 28089086 7% /

At the very start OptimumCache may once again splash with 100% CPU core consumption for a number of seconds. Though, very soon those splashes will become rare, due to adaptive timeout, which will adjust itself to server load.

High IO fix

Eliminates superflows fsync() calls in OptimumCache operations. To activate this fix in existing installation, flag NOIMMSYNC=1 has to be manually set in /etc/syscoconfig/optimumcache.

To ensure that this parameter is set ON in the config, set LOGLEVEL=2 and execute ‘service optimumcache restart’. You will see something like this:

optimumcache[1770]: Hash-size: 100000000 min-size: 0 max-size: 18446744071562067968
optimumcache[1770]: Count: 0 Timeout: 5
optimumcache[1770]: Max Timeout: 160 Adaptive Timeout Mul/Div: 2/4
optimumcache[1770]: Iolimit: 0 iopslimit: 0
optimumcache[1770]: No immediate fsync: Yes
optimumcache[1771]: Starting OptimumCache monitor

To update run:

# yum update optimumcache --enablerepo=cloudlinux-updates-testing

Beta: OptimumCache updated

OptimumCache 0.2-9 released to updates-testing repository.

Changelog:

OptimumCache 0.2-9

  • workaround problem when unable to stop optimumcache on SIGTERM;
  • adaptive timeout to address problem of extensive CPU usage for FS with big inodes count (>2M);
  • fix for crash in 'optimumcache mount', when optimumcache_store line length exceeds 1024 stack buffer limit.
To update run:

# yum update optimumcache --enablerepo=cloudlinux-updates-testing
if IO Wait is high on the server, then add NOIMMSYNC=1 to /etc/sysconfig/optimumcach and restart optimumcache

To install run:
# yum update optimumcache --enablerepo=cloudlinux-updates-testing

More information at: http://docs.cloudlinux.com/index.html?optimumcache.html

Beta: Alt-PHP updated

New updates for Alt-PHP are available for beta channel.

Changelog:

alt-php 44 & alt-php 51

  • build with memory-limit option;
alt-php

To update run:
$ yum groupinstall alt-php --enablerepo=cloudlinux-updates-testing

CL6/Hybrid kernel 2.6.32-531.23.3.lve1.3.6

New kernel for CL6/Hybrid available for stable channel. The kernel provides major updates and set of new features over lve-1.2. As such the version was increased to lve 1.3.x.

Changelog:
  • high precision CPU limits (precision of 1% of a core speed is possible);
  • IOPS limit support;
  • LVE/CageFS support by process name;
  • fixes for the issue with off by 1 load average introduced in previous beta kernel.
Put loadavg thread into interruptible sleep

To update CL6 servers run:
$ yum install kernel-2.6.32-531.23.3.lve1.3.6.el6 kmod-lve-1.3-6.el6

To update hybrid servers run:
$ yum install kernel-2.6.32-531.23.3.lve1.3.6.el5h kmod-lve-1.3-6.el5h

CageFS, liblve, lve-utils, LVE Manager, python-cllib and lve-stats updated for stable

New update for CageFS, liblve, lve-utils, LVE Manager, python-cllib and lve-stats is available for stable channel. Major changes are introduction of IO operations per second limits, high precission CPU limits (you can now setup speed precission as low as 1% of a single core, no matter how many cores), and ability to specify the processes that needs to be in LVE/CageFS by name. Also some issues with Plesk and lvectl service were fixed, compatibility with VZ/OpenVZ/PCS deployment was improved as well as fixes for LVE plugins and statistics for new cPanel version 11.46 were made.

Changelog:

CageFS 5.3-5
  • CAG-315: cagefsctl --rebuild-alt-php-ini reset some parameters to defaults;
  • CAG-322: the error while installing CGI Wrapper for Plesk fixed;
  • CAG-328: cgi_wrapper optimized for Plesk in order to reduce number of processes, orphaned processes avoided;
  • CAG-319: added support for commenting /etc/cl.selector/php.conf;
  • CAG-324: "-c /etc/php.ini" options used for alternative php versions in cgi_wrapper for Plesk;
  • CAG-323: cagefsctl executed without sudo on Plesk CageFS plugin;
  • CAG-326: rake/gem added to ruby.cfg file;
  • CAG-325: /usr/bin/userdel.cagefs: suppress errors/warnings when user does not exists.
liblve 1.3-1.3
  • LIBLVE-7: enter to cagefs by process name;
  • CAG-76: added new "splitted by username" mount type in cagefs.mp;
  • support of hires cpu limit;
  • LVEMAN-109: add handling of iops and speed (for proc version to cpanel/extension/cl_modify_pkg.py;
  • add ability to change lve_ext template on cpanel;
  • Added lve_namespaces service to record LVE namespaces on boot;
  • ALTPHP-31:MariaDB 10 support in php-selector.
lve-utils 1.4-32
  • LU-92: fixed PID column in lveps -p output;
  • shows command names in the COM column;
  • LU-91: add lve_namespaces service;
  • LU-107: add --no-iops option to lvectl, getcontrolpaneluserslimits (for backward compatibility);
  • LU-100: lvetop displays CPU usage in terms of 'speed' setting;
  • LU-97: lvectl set $LVE --iops $IOPS sets IOPS parameter;
  • LU-90: getcontrolpackages fail in DirectAdmin with broken cache file fixed;
  • LU-111: re-register lvectl service while update of lve-utils package fixed;
  • LU-110: lvectl package-list displays EP limit correctly;
  • LU-108: cldetectlib.py, cldetect: added detection of VZ/PCS/OpenVZ;
  • LU-109: settings for /proc/lve/enter are stored in /etc/container/ve.cfg.
python-cllib 1.1-2
  • python-simplejson added as dependency;
  • PTCLLIB-18: a universal API for control panel integration was provided, general use functions added in python-cllib;
  • added ability to save changes to config files in python library;
  • added ability to read config file with case sensitivity;
  • PTCLLIB-17: class for logging was added.
lvemanager 0.8-1.47.10
  • LVEMAN-223: added conflicts for PHP APCu module;
  • LVEMAN-222: bugfixes made for LVE Manager->packages in cPanel;
  • LVEMAN-161: filter reseller packages correctly for cPanel;
  • LVEMAN-166: NCPU removed from LVE Manager for cPanel;
  • LVEMAN-217: DirectAdmin LVE Manager for /proc/lve/list 8: column values corrected in settings, packages;
  • LVEMAN-214: use --no-iops option in lvectl commands in LVE Manager for compatibility with new lve-utils;
  • LVEMAN-212: Default values in Edit package page are corrected for Plesk -> LVE Manager;
  • LVEMAN-211: accounts page fails in Plesk fixed;
  • LVEMAN-228: number fields outputted coincide with quantity of columns;
  • LVEMAN-227: 'SPEED' column header in cPanel now contains “%” sign;
  • LVEMAN-226: 'submit' tag input fixed in Resource Usage page on cPanel;
  • LVEMAN-226: DirectAdmin: Fix for LVE Manager error on LVE v8;
  • LVEMAN-225: Plesk: Fix for LVE Manager error on LVE v8;
  • LVEMAN-218: displaying all limits correctly when using VZ/PCS/OpenVZ in cPanel;
  • LVEMAN-259: Resource Usage icon duplicated in Paper Lantern theme in CPanel 11.46;
  • LVEMAN-255 corrections made for icons in paper_latern theme cpanel - "Select PHP Version" and "Resource usage" plugins have correct look (CPanel header and footer are present);
  • LVEMAN-254, 256: corrections made for statistics page in DA;
  • LVEMAN-186: save button displays list index correctly on cpanel with PHP5.4;
  • LVEMAN-179: disabled opcache for php-cli (execute php -d opcache.enable_cli=0 -i) when getting php options/extensions;
  • LVEMAN-155: PHP-Selector image with Paper Lantern (part 3: adapt to 11.46.0);
  • LVEMAN-249: Plesk lvemanager->statistics: extra options under LVE4;
  • LVEMAN-247: correct request names set for 'Show LVEs Approaching Limit' Plesk Lvemanager-> Statistics;
  • LVEMAN-251: cpanels Paper_Lantern theme now shows all stats in left section (cPanel >= 11.46);
  • LVEMAN-250 LVE statistics is corrected in Stats Bar on cPanel 11.46;
  • LVEMAN-248: in Iworx Lvemanager settings "0k" is replaced with "-" for unlimited Pmem Vmem;
  • LVEMAN-233: PHP Selector fails on Plesk 12 in some cases fixed;
  • LVEMAN-245: Statistics output doesn't contain empty values (Plesk Lvemanager);
  • LVEMAN-244: LVE Manager json api processes maxEntryProcs parameter;
  • LVEMAN-155: PHP-Selector image with Paper Lantern (fixed theme name and icon size);
  • LVEMAN-199: cpanels Paper_Lantern theme shows all stats in left section;
  • LVEMAN-221: added support for commenting /etc/cl.selector/php.conf;
  • LVEMAN-191: traceback on install lvemanager at cPanel;
  • LVEMAN-155: PHP-Selector image with Paper Lantern is corrected for all cPanel versions including 11.46;
  • LVEMAN-203: LVE Manager json api does processes SPEED parameter;
  • LVEMAN-192: inode limits reset together with lve limits;
  • LVEMAN-193: corrected misspelled Notifications in LVE Manager notifications;
  • LVEMAN-237: list of statistics requests in Lvemanager-stats corrected in Plesk LVE 8;
  • LVEMAN-241: Errors in Iworx lvemanager with LVE 8 fixed;
  • LVEMAN-234: list of options in statistics in LVE Manager is corrected in DirectAdmin - /proc/lve/list 8;
  • LVEMAN-233: PHP Selector settings modified for Plesk 12.
lve-stats 0.10-41
  • LVESTATS-52: Graphs for small speed values are created;
  • LVESTATS-51: lvestats-server work on /proc/lve/list ver 4;
  • LVESTATS-50: lvestats-server: calculates cpu limit correctly for /proc/lve/list ver 8;
  • LVESTATS-37: mark parameters that were exceeded by users in nootification e-mails for admin and resellers;
  • LVESTATS-36: lveinfo data from MySQL on centralized server corrected;
  • LVESTATS-17: Record and manage IOPS;
  • LVESTATS-54: the typo in lveinfo json reply fixed;
  • LVESTATS-58: /etc/init.d/lvestats: pass parameters to lvestats-server are corrected;
  • LVESTATS-55: lveinfo: process pmem and nproc parameters for --by-fault option correctly for /proc/lve/list version 8.
Please, note that this update will install new kernel. Reboot is needed to enable all the new features, like high precission CPU speed limits, and IOPS.

To update run:
yum update cagefs lvemanager lve-utils lve-stats python-cllib

We're looking for KernelCare testimonials

If you are using KernelCare, you can help us. We are looking for KernelCare testimonials to display on our kernelcare.com website. We need:

  • Your name & title
  • Your picture
  • Company name
  • Few sentences about how you are using KernelCare, and why you like it.
Please, send testimonials to [email protected]

Your help is greatly appreciated.

Beta: CageFS, LVE Manager and LVE Stats updated

New versions of cagefs 5.3-5, lvemanager 0.8-1.47.10 and lve-stats-0.10-41 are available from our updates-testing repository. The actual release includes many bugfixes, the most important are fixes for LVE plugins and statistics for new сPanel version 11.46.

Changelog:

cagefs-5.3-5
  • CAG-328: cgi_wrapper optimized for Plesk in order to reduce number of processes, orphaned processes avoided;
  • CAG-319: added support for commenting /etc/cl.selector/php.conf;
  • CAG-324: "-c /etc/php.ini" options used for alternative php versions in cgi_wrapper for Plesk;
  • CAG-323: cagefsctl executed without sudo on Plesk CageFS plugin;
  • CAG-326: rake/gem added to ruby.cfg file;
  • CAG-325: /usr/bin/userdel.cagefs: suppress errors/warnings when user does not exists.
lvemanager-0.8-1.47.10
  • LVEMAN-259: Resource Usage icon duplicated in Paper Lantern theme in CPanel 11.46;
  • LVEMAN-255 corrections made for icons in paper_latern theme cpanel - "Select PHP Version" and "Resource usage" plugins have correct look (CPanel header and footer are present);
  • LVEMAN-254, 256: corrections made for statistics page in DA;
  • LVEMAN-186: save button displays list index correctly on cpanel with PHP5.4;
  • LVEMAN-179: disabled opcache for php-cli (execute php -d opcache.enable_cli=0 -i) when getting php options/extensions;
  • LVEMAN-155: PHP-Selector image with Paper Lantern (part 3: adapt to 11.46.0);
  • LVEMAN-249: Plesk lvemanager->statistics: extra options under LVE4;
  • LVEMAN-247: correct request names set for 'Show LVEs Approaching Limit' Plesk Lvemanager-> Statistics;
  • LVEMAN-251: cpanels Paper_Lantern theme now shows all stats in left section (cPanel >= 11.46);
  • LVEMAN-250 LVE statistics is corrected in Stats Bar on cPanel 11.46;
  • LVEMAN-248: in Iworx Lvemanager settings "0k" is replaced with "-" for unlimited Pmem Vmem;
  • LVEMAN-233: PHP Selector fails on Plesk 12 in some cases fixed;
  • LVEMAN-245: Statistics output doesn't contain empty values (Plesk Lvemanager);
  • LVEMAN-244: LVE Manager json api processes maxEntryProcs parameter;
  • LVEMAN-155: PHP-Selector image with Paper Lantern (fixed theme name and icon size);
  • LVEMAN-199: cpanels Paper_Lantern theme shows all stats in left section;
  • LVEMAN-221: added support for commenting /etc/cl.selector/php.conf;
  • LVEMAN-191: traceback on install lvemanager at cPanel;
  • LVEMAN-155: PHP-Selector image with Paper Lantern is corrected for all cPanel versions including 11.46;
  • LVEMAN-203: LVE Manager json api does processes SPEED parameter;
  • LVEMAN-192: inode limits reset together with lve limits;
  • LVEMAN-193: corrected misspelled Notifications in LVE Manager notifications;
  • LVEMAN-237: list of statistics requests in Lvemanager-stats corrected in Plesk - LVE 8;
  • LVEMAN-241: Errors in Iworx lvemanager with LVE 8 fixed;
  • LVEMAN-234: list of options in statistics in LVE Manager is corrected in DirectAdmin - /proc/lve/list 8;
  • LVEMAN-233: PHP Selector settings modified for Plesk 12.
lve-stats-0.10-41
  • LVESTATS-58: /etc/init.d/lvestats: pass parameters to lvestats-server are corrected;
  • LVESTATS-55: lveinfo: process pmem and nproc parameters for --by-fault option correctly for /proc/lve/list version 8.
To update run:
yum update cagefs lvemanager lve-stats --enablerepo=cloudlinux-updates-testing

Alt-PHP updated for stable

Alt-PHP 44, 51, 52, 53, 54, 55 and 56 updated for stable channel.

Changelog:

  • added MySQLND support;
  • added interbase/firebird support;
  • added alt-firebird package;
  • added APCu extension;
  • updated PECL extensions:
    • yaf updated to 2.3.2;
    • mongo updated to 1.5.7;
    • ZendOpcache updated to 7.0.3;
    • xdebug updated to 2.2.5;
    • timezonedb updated to 2014.7;
    • igbinary updated to 1.2.1;
    • doublemetaphone to 1.0.1.
To update run:
yum groupupdate alt-php

Beta: mod_lsapi 0.1-77 and OptimumCache 0.2-6

New beta version of mod_lsapi (0.1-77) and OptimumCache (0.2-6) are available from our updates-testing repository.

Changelog:

mod_lsapi:
  • сhunked POST error fix;
  • working with unknown Content-Length;
  • lsapi_backend_coredump parameter added;
  • added native lsphp building for cPanel;
  • added selfstarter mode (enabled by default for preventing virtual memory limits trouble);
  • Apache 2.2 log bug fix;
  • timeout for backend poll added;
  • read/write/poll backend refined;
  • log messages on error conditions added;
  • delayed invoke mode added;
  • dealing with 304 response;
  • event mask bug fixed;
  • TMPDIR, TEMP and TMP added into safe env var list;
  • REDIRECT_STATUS fix;
  • 503 response when lsphp is killed;
  • 401 redirect fix;
  • send_data simplified;
  • lsapi_mutex_mech option added;
  • made security fixes and code optimizations;
  • added building native lsphp for cPanel.
To update run:

cPanel:
$ yum update liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing
$ yum update cpanel-mod-lsapi --enablerepo=cloudlinux-updates-testing

DirectAdmin:
$ yum update liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing
$ cd /usr/local/directadmin/custombuild
$ ./build update
$ ./build mod_lsapi

RPM based:
$yum update liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing
$yum update mod_lsapi --enablerepo=cloudlinux-updates-testing

More info:
http://docs.cloudlinux.com/index.html?installation_mod_lsapi.html

OptimumCache:
  • skip masks for /home/quota.user added.
To update run:

# yum update optimumcache --enablerepo=cloudlinux-updates-testing
if IO Wait is high on the server, then add NOIMMSYNC=1 to /etc/sysconfig/optimumcach and restart optimumcache

To install run:
# yum update optimumcache --enablerepo=cloudlinux-updates-testing

More information at: http://docs.cloudlinux.com/index.html?optimumcache.html

Alt-PHP updated for beta and stable

Alt-PHP 54, 55 and 56 are updated for beta and stable channels.

Changelog:

Stable channel:
To update run:
yum groupinstall alt-php

Beta channel:
To update run:
yum groupinstall alt-php --enablerepo=cloudlinux-updates-testing

Pages: Prev. | 1 | 2 | 3 | 4 | 5 | ... | 24 | Next