CloudLinux OS Blog

Beta: CloudLinux 7 and CloudLinux 6 Hybrid kernel updated

Beta: CloudLinux 7 and CloudLinux 6 Hybrid kernel updated

CloudLinux 7 and CloudLinux 6 Hybrid Beta kernels with Resellers Limits that includes fixes for Meldown and Spectre vulnerabilities are available for download from our updates-testing repository.

Changelog:

  • added patches for Meltdown and Spectre attacks (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754);
  • KMODLVE-142: resync stats before returning IO usage;
  • KMODLVE-140: fix panic with module loading;
  • KMODLVE-139: add ability to set debug level in load time;
  • KMODLVE-138: properly check lve_cgroup_kernel_open return value;
  • KMODLVE-134: code cleanup for better test coverage;
  • KMODLVE-131: improve failure IDs handling;
  • KMODLVE-127: lvp_lve_move implementation.

To install new kernel, please run the following command:

CloudLinux 7

yum clean all --enablerepo=cloudlinux-updates-testing && yum update linux-firmware microcode_ctl && yum install kernel-3.10.0-714.10.2.lve1.5.8.el7 --enablerepo=cloudlinux-updates-testing

CloudLinux 6 Hybrid

yum clean all --enablerepo=cloudlinux-updates-testing,cloudlinux-hybrid-testing && yum update linux-firmware microcode_ctl && yum install kernel-3.10.0-714.10.2.lve1.5.8.el6h --enablerepo=cloudlinux-updates-testing,cloudlinux-hybrid-testing

Topic: CloudLinux OS Blog , Tags: #News, #CloudLinux OS 7, #kernel-cl7, #beta,

2749 people viewed this

Comments (14)

 
by Guest - Eric Caldwell / Friday, 05 January 2018 20:32

Is this necessary for customers with KernelCare?

Is this necessary for customers with KernelCare?
by Inga Vakulenko / Friday, 05 January 2018 21:05

Hi Eric,
please note that KernelCare does deliver updates for kernels that support Reseller Limits. If you are using Reseller Limits and have a kernel that supports the feature installed you do not really need to update. However, you might want to install this new kernel (and we'd recommend doing so) as it includes a fix for a major vulnerabilities Meltdown and Spectre.
You can find more information here https://www.cloudlinux.com/cloudlinux-os-blog/entry/intel-cpu-bug-kernelcare-and-cloudlinux

Hi Eric, please note that KernelCare does deliver updates for kernels that support Reseller Limits. If you are using Reseller Limits and have a kernel that supports the feature installed you do not really need to update. However, you might want to install this new kernel (and we'd recommend doing so) as it includes a fix for a major vulnerabilities Meltdown and Spectre. You can find more information here https://www.cloudlinux.com/cloudlinux-os-blog/entry/intel-cpu-bug-kernelcare-and-cloudlinux
by Guest - Eric Caldwell / Friday, 05 January 2018 21:15

Sorry, should have been clearer in my post. That link partially answered my questions. BTW, we don't run hosting limits.

I guess whats not clear is the latest will the KC patches (in the next few days) address the Spectre and Meltdown microcode patches so we don't have to reboot? We don't plan on using reseller limits.

Thanks!

Sorry, should have been clearer in my post. That link partially answered my questions. BTW, we don't run hosting limits. I guess whats not clear is the latest will the KC patches (in the next few days) address the Spectre and Meltdown microcode patches so we don't have to reboot? We don't plan on using reseller limits. Thanks!
by Inga Vakulenko / Friday, 05 January 2018 21:37

Eric, no worries! ;) This updated is for clients who run Reseller Limits kernel so you might as well just simply ignore it.

Regarding your question, applying microcode normally requires a reboot but we will try to deliver it via KC. Please follow the post I've mentioned before to get more information, we keep updating it.

Thank you!

Eric, no worries! ;) This updated is for clients who run Reseller Limits kernel so you might as well just simply ignore it. Regarding your question, applying microcode normally requires a reboot but we will try to deliver it via KC. Please follow the post I've mentioned before to get more information, we keep updating it. Thank you!
by Inga Vakulenko / Friday, 05 January 2018 21:11

Eric, to follow up:
as long as Reseller Limits are in beta KernelCare does not provide the support for it as KernelCare only supports stable kernels.

Eric, to follow up: as long as Reseller Limits are in beta KernelCare does not provide the support for it as KernelCare only supports stable kernels.
by Inga Vakulenko / Friday, 05 January 2018 21:13

Apologies for the misspelling. I've missed 'not'. It should be "please note that KernelCare does NOT deliver updates for kernels that support Reseller Limits."

Apologies for the misspelling. I've missed 'not'. It should be "please note that KernelCare does NOT deliver updates for kernels that support Reseller Limits."
by Guest - Mario / Friday, 05 January 2018 23:03

Executed this command, centos 7.4 / cloudlinux 7 , errors with grub, currently in support ticket back/forth, since the system tried to rebuild the grub loader with grub2 that doesnt exist on this system.

Support said its default with centos 7 / cloudlinux 7 but not present on my system (not something I've uninstalled / not aware that cpanel would remove the grub2 loader either.

Currently waiting for responses. I'd hold off for anyone wanting to execute this.

We've had success with every other OS and their kernel udpates, but cloudlinux is our first error.

All previous kernel updates have worked flawlessly, but this one is requesting alternate configuration it seems, perhaps too rushed.

grep: /boot/grub2/grub.cfg: No such file or directory

[WARNING] GRUB config file is missing
Regenerating GRUB configuration...
[SUCCESS] GRUB config has been restored
[WARNING] Kernel 3.10.0-714.10.2.lve1.5.8.el7.x86_64 GRUB entry is missing
[ERROR] Kernel 3.10.0-714.10.2.lve1.5.8.el7.x86_64 initramfs GRUB entry is missing and cannot be automatically added due to unknown reasons, please fix GRUB config manually

Executed this command, centos 7.4 / cloudlinux 7 , errors with grub, currently in support ticket back/forth, since the system tried to rebuild the grub loader with grub2 that doesnt exist on this system. Support said its default with centos 7 / cloudlinux 7 but not present on my system (not something I've uninstalled / not aware that cpanel would remove the grub2 loader either. Currently waiting for responses. I'd hold off for anyone wanting to execute this. We've had success with every other OS and their kernel udpates, but cloudlinux is our first error. All previous kernel updates have worked flawlessly, but this one is requesting alternate configuration it seems, perhaps too rushed. grep: /boot/grub2/grub.cfg: No such file or directory [WARNING] GRUB config file is missing Regenerating GRUB configuration... [SUCCESS] GRUB config has been restored [WARNING] Kernel 3.10.0-714.10.2.lve1.5.8.el7.x86_64 GRUB entry is missing [ERROR] Kernel 3.10.0-714.10.2.lve1.5.8.el7.x86_64 initramfs GRUB entry is missing and cannot be automatically added due to unknown reasons, please fix GRUB config manually
by Guest - Mario / Saturday, 06 January 2018 20:31

anyone following this, the issue seemed to be the upgrader is looking for grub2 only, our system does not have it.

On inspection the standard grub.conf was updated correctly with the new kernel despite the errors referencing grub2, confirmed the configuration and rebooted and it started with the new kernel correctly with no work/intervention required on our behalf despite the errors.

Slightly concerned that cloudlinux only suggestion was to install grub2 to fix the issue when grub2 was not an option within the yum repo on the standard centos 7.4/cloudlinux 7 install on our server, it was basically implied booting should not be possible on the sytem without grub2 with no thoughts given to standard grub ...

anyone following this, the issue seemed to be the upgrader is looking for grub2 only, our system does not have it. On inspection the standard grub.conf was updated correctly with the new kernel despite the errors referencing grub2, confirmed the configuration and rebooted and it started with the new kernel correctly with no work/intervention required on our behalf despite the errors. Slightly concerned that cloudlinux only suggestion was to install grub2 to fix the issue when grub2 was not an option within the yum repo on the standard centos 7.4/cloudlinux 7 install on our server, it was basically implied booting should not be possible on the sytem without grub2 with no thoughts given to standard grub ...
by Guest - rahul / Saturday, 06 January 2018 05:54

Hi

I am getting following error when I run command yum clean all --enablerepo=cloudlinux-updates-testing,cloudlinux-hybrid-testing && yum update linux-firmware microcode_ctl && yum install kernel-3.10.0-714.10.2.lve1.5.8.el6h --enablerepo=cloudlinux-updates-testing,cloudlinux-hybrid-testing


============
No Match for argument: linux-firmware
No package linux-firmware available.
No Packages marked for Update
Loaded plugins: fastestmirror, rhnplugin, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* cpanel-addons-production-feed: 66.71.244.18
* cloudlinux-x86_64-server-6: xmlrpc.cln.cloudlinux.com
cloudlinux-updates-testing | 2.9 kB 00:00
cloudlinux-updates-testing/primary_db | 2.1 MB 00:00
No package kernel-3.10.0-714.10.2.lve1.5.8.el6h available.
Error: Nothing to do
============================

[~]# uname -r
2.6.32-673.26.1.lve1.4.30.el6.x86_64



Please advice

Hi I am getting following error when I run command yum clean all --enablerepo=cloudlinux-updates-testing,cloudlinux-hybrid-testing && yum update linux-firmware microcode_ctl && yum install kernel-3.10.0-714.10.2.lve1.5.8.el6h --enablerepo=cloudlinux-updates-testing,cloudlinux-hybrid-testing ============ No Match for argument: linux-firmware No package linux-firmware available. No Packages marked for Update Loaded plugins: fastestmirror, rhnplugin, security Setting up Install Process Loading mirror speeds from cached hostfile * cpanel-addons-production-feed: 66.71.244.18 * cloudlinux-x86_64-server-6: xmlrpc.cln.cloudlinux.com cloudlinux-updates-testing | 2.9 kB 00:00 cloudlinux-updates-testing/primary_db | 2.1 MB 00:00 No package kernel-3.10.0-714.10.2.lve1.5.8.el6h available. Error: Nothing to do ============================ [~]# uname -r 2.6.32-673.26.1.lve1.4.30.el6.x86_64 Please advice
by Inessa Atmachian / Saturday, 06 January 2018 16:18

Hi Rahul

It seems you have non-hybrid CloudLinux 6. We have already released the non-hybrid CloudLinux 6 kernel with patches.
Plese find details and update command in this blog post: https://www.cloudlinux.com/cloudlinux-os-blog/entry/cloudlinux-6-kernel-updated-1-5

Hi Rahul It seems you have non-hybrid CloudLinux 6. We have already released the non-hybrid CloudLinux 6 kernel with patches. Plese find details and update command in this blog post: https://www.cloudlinux.com/cloudlinux-os-blog/entry/cloudlinux-6-kernel-updated-1-5
by Guest - Fabian Altahona / Saturday, 06 January 2018 14:12

Estoy tratando de correr el parche
CloudLinux 6 Hybrid

yum clean all --enablerepo=cloudlinux-updates-testing,cloudlinux-hybrid-testing && yum update linux-firmware microcode_ctl && yum install kernel-3.10.0-714.10.2.lve1.5.8.el6h --enablerepo=cloudlinux-updates-testing,cloudlinux-hybrid-testing

Pero no realiza ninguna actualización.

No hay nada concordante con el argumento: linux-firmware
No existe disponible ningún paquete linux-firmware.
No se han seleccionando paquetes para ser actualizados
Complementos cargados:fastestmirror, protectbase, rhnplugin, security,
: universal-hooks
Configurando el proceso de instalación
Loading mirror speeds from cached hostfile
* EA4: 104.219.172.10
* EA4-experimental: 104.219.172.10
* cpanel-addons-production-feed: 104.219.172.10
* cloudlinux-x86_64-server-6: cl.banahosting.com
* epel: mirrors.develooper.com
cloudlinux-updates-testing | 2.9 kB 00:00
cloudlinux-updates-testing/primary_db | 2.1 MB 00:00
0 packages excluded due to repository protections
No existe disponible ningún paquete kernel-3.10.0-714.10.2.lve1.5.8.el6h.
Error: Nada para hacer


[~]# uname -r
2.6.32-773.26.1.lve1.4.43.el6.x86_64

¿Que debo hacer?

Estoy tratando de correr el parche CloudLinux 6 Hybrid yum clean all --enablerepo=cloudlinux-updates-testing,cloudlinux-hybrid-testing && yum update linux-firmware microcode_ctl && yum install kernel-3.10.0-714.10.2.lve1.5.8.el6h --enablerepo=cloudlinux-updates-testing,cloudlinux-hybrid-testing Pero no realiza ninguna actualización. No hay nada concordante con el argumento: linux-firmware No existe disponible ningún paquete linux-firmware. No se han seleccionando paquetes para ser actualizados Complementos cargados:fastestmirror, protectbase, rhnplugin, security, : universal-hooks Configurando el proceso de instalación Loading mirror speeds from cached hostfile * EA4: 104.219.172.10 * EA4-experimental: 104.219.172.10 * cpanel-addons-production-feed: 104.219.172.10 * cloudlinux-x86_64-server-6: cl.banahosting.com * epel: mirrors.develooper.com cloudlinux-updates-testing | 2.9 kB 00:00 cloudlinux-updates-testing/primary_db | 2.1 MB 00:00 0 packages excluded due to repository protections No existe disponible ningún paquete kernel-3.10.0-714.10.2.lve1.5.8.el6h. Error: Nada para hacer [~]# uname -r 2.6.32-773.26.1.lve1.4.43.el6.x86_64 ¿Que debo hacer?
by Inessa Atmachian / Saturday, 06 January 2018 16:19

Hi Fabian,

It seems you have non-hybrid CloudLinux 6. We have already released the non-hybrid CloudLinux 6 kernel with patches.
Plese find details and update command in this blog post: https://www.cloudlinux.com/cloudlinux-os-blog/entry/cloudlinux-6-kernel-updated-1-5

Hi Fabian, It seems you have non-hybrid CloudLinux 6. We have already released the non-hybrid CloudLinux 6 kernel with patches. Plese find details and update command in this blog post: https://www.cloudlinux.com/cloudlinux-os-blog/entry/cloudlinux-6-kernel-updated-1-5
by Guest - Fabian Altahona / Sunday, 07 January 2018 15:13

Thanks for your answer :) I installed the patch but now when the server runs the cron "Cron / usr / bin / kcarectl - auto-update - gradual-rollout = auto" I get the following error " Unknown Kernel (CloudLinux Server 2.6.32-896.16.1.lve1.4.49.el6.x86_64) "Do I need to install anything else?

Thanks for your answer :) I installed the patch but now when the server runs the cron "Cron / usr / bin / kcarectl - auto-update - gradual-rollout = auto" I get the following error " Unknown Kernel (CloudLinux Server 2.6.32-896.16.1.lve1.4.49.el6.x86_64) "Do I need to install anything else?
by Guest - Alexander Zavhorodnii / Monday, 08 January 2018 07:49

Hello Fabian,
You don't need to, you have a new kernel with patches included, it's not supported by KernelCare yet, once support will be added - message will disappear. Your kernel is safe.

Hello Fabian, You don't need to, you have a new kernel with patches included, it's not supported by KernelCare yet, once support will be added - message will disappear. Your kernel is safe.

Leave your comment

Guest, Tuesday, 20 November 2018

Captcha Image