Blogroll: CloudLinux

I read blogs, as well as write one. The 'blogroll' on this site reproduces some posts from some of the people I enjoy reading. There are currently 85 posts from the blog 'CloudLinux.'

Disclaimer: Reproducing an article here need not necessarily imply agreement or endorsement!

Subscribe to CloudLinux feed
All blog entries from https://www.cloudlinux.com/
Updated: 2 hours 2 min ago

Beta: Alt-PHP updated

Thu, 22/02/2018 - 17:35

New updated Alt-PHP packages are now available for download from our updates-testing repository.

Changelog:

alt-php52-5.2.17-116

  • ALTPHP-450: fix for Bug #71335 Type Confusion in WDDX Packet Deserialization.

alt-php53-5.3.29-73

  • ALTPHP-450: fix for Bug #71335 Type Confusion in WDDX Packet Deserialization;
  • ALTPHP-451: fix for CVE-2016-7478 Unserialize Exception object can lead to infinite loop.

alt-php54-5.4.45-53

  • ALTPHP-450: Fix for Bug #71335 Type Confusion in WDDX Packet Deserialization.

Install command:

yum groupinstall alt-php --enablerepo=cloudlinux-updates-testing
Categories: Technology

Reseller Limits Beta is now available for Plesk!

Thu, 22/02/2018 - 16:52

You asked — we do! LVE Manager version 3.1-3 with Reseller Limits support for Plesk is released to Beta! CloudLinux OS team has been working on this feature for over twenty months and we are happy it is now available for more customers!

All the Reseller Limits features and improvements that were previously introduced to the cPanel users are now available in Plesk too. Now Plesk hosters can set limits for the resources each reseller can operate with and provide controls to the reseller on what resources each end user will have.

 

We encourage you to help us with beta testing and to install this feature on your servers. We’d be extremely grateful for any feedback provided!

Please note that to use Reseller Limits you would have to install kernel that supports the feature. The latest stable kernel with Reseller Limits support is 3.10.0-714.10.2.lve1.5.12 (we also recommend to try our newest beta kernel that includes Meltdown / Spectre fixes for Xen PV). If you use CloudLinux 6 kernel you would first have to migrate to a Hybrid kernel since the feature is only supported in CloudLinux 7 and CloudLinux 6 Hybrid kernels. Follow the instruction below to do so at https://docs.cloudlinux.com/index.html?hybrid_kernel.html.

To find out more on how to operate Reseller Limits, please read this documentation article. We also recommend watching the CloudLinux Academy webinar where our CEO and Founder Igor Seletskiy reviews the Reseller Limits functionality.

If you've missed the previous Beta releases of the feature for cPanel and its advantages, please follow the links to check information on its Production release.

To install new beta from our update-testing repository, please use the following command:

yum update lvemanager lve-stats lve-utils alt-python27-cllib --enablerepo=cloudlinux-updates-testing

Please find a changelog below.

lvemanager-3.1-3

  • WEB-879: fixed title of reseller options for faults notify;
  • WEB-809: adapted the "Users" tab of reseller plugin in Plesk;
  • WEB-869: fixed an error while trying to open statistic frame for reseller with no limits on Plesk;
  • WEB-874: fixed report text in Resource Usage for CPU usage (DirectAdmin, user's plugin);
  • WEB-858: fixed an issue when sorting is not working;
  • WEB-884: fixed an error entry into LVE Manager plugin via direct link in Plesk's sidebar (wrong checking of csrftoken).

lve-utils-2.1-3

  • LU-460: NameMap is now used instead of ClPwd to get reseller id;
  • LVES-818: implemented reseller limits to lvectl for Plesk;
  • LU-572: missing user without package in 'getcontrolpaneluserspackages' commands (Plesk).

alt-python27-cllib-1.3-4

  • PTCLLIB-105: main domain is now first in 'userdomains' result (Plesk);
  • LVES-770: fixed an issue when cloudlirnux-top doesn't work on Plesk with reseller;
  • LU-448: implemented resellers method on Plesk.

lve-stats-2.8-2

  • LVES-878: fix for reseller historical usage request on Plesk;
  • LVES-846: fixed reseller's name field in cl-top and cl-stats (Plesk);
  • LVES-861: hoster's period is now used to notify reseller about user's faults.
Categories: Technology

MySQL for MySQL Governor updated

Wed, 21/02/2018 - 15:27

A new updated MySQL package for MySQL Governor is available for download from our production repository.

Changelog:

cl-MySQL

  • updated MySQL 5.6 up to version 5.6.39.

To update run:

# yum update cl-MySQL*

or

# /usr/share/lve/dbgovernor/mysqlgovernor.py --install

To install on a new server run:

# yum install governor-mysql # /usr/share/lve/dbgovernor/mysqlgovernor.py --install
Categories: Technology

Beta: MariaDB and MySQL for MySQL Governor updated

Wed, 21/02/2018 - 07:41

New updated MariaDB and MySQL packages for MySQL Governor are available for download from our updates-testing repository.

Changelog:

cl-MariaDB102

  • updated up to version 10.2.13.

cl-MariaDB101

  • updated up to version 10.1.31.

cl-MySQL57

  • debuginfo package enabled.

Note. We recommend to save a database before update.

To update run:

cl-MySQL:

# yum update cl-MySQL-meta-client cl-MySQL-meta cl-MySQL-meta cl-MySQL* governor-mysql --enablerepo=cloudlinux-updates-testing #restart mysql #restart governor-mysql

cl-MariaDB:

# yum update cl-MariaDB-meta-client cl-MariaDB-meta cl-MariaDB-meta cl-MariaDB* governor-mysql --enablerepo=cloudlinux-updates-testing #restart mysql #restart governor-mysql

To install on a new server run:

# yum install governor-mysql --enablerepo=cloudlinux-updates-testing # /usr/share/lve/dbgovernor/db-select-mysql --mysql-version=[mariadb version] # /usr/share/lve/dbgovernor/mysqlgovernor.py --install-beta
Categories: Technology

Alt-PHP updated

Tue, 20/02/2018 - 18:51

New updated Alt-PHP packages are now available for download from our production repository.

Changelog:

alt-php54-pear-1.10.5-2

alt-php55-pear-1.10.5-2

alt-php56-pear-1.10.5-2

alt-php70-pear-1.10.5-2

alt-php71-pear-1.10.5-2

  • updated to version 1.10.5.

alt-php54-pear-ext-1-11

alt-php55-pear-ext-1-11

alt-php56-pear-ext-1-11

  • fixed extensions list for CloudLinux 6.

alt-php51-pecl-ext-1-28

alt-php52-pecl-ext-1-98

alt-php53-pecl-ext-1-120

alt-php54-pecl-ext-1-109

alt-php55-pecl-ext-1-94

alt-php56-pecl-ext-1-61

  • updated extension timezonedb to 2018.3.

alt-php70-pecl-ext-1-30

alt-php71-pecl-ext-1-18

  • updated extension xdebug to 2.6.0;
  • updated extension timezonedb to 2018.3.

alt-php72-pecl-ext-1-13

  • updated extension xdebug to 2.6.0;
  • updated extension timezonedb to 2018.3;
  • added dbase 7.0.0beta1 extension.

Install command:

yum groupinstall alt-php
Categories: Technology

Live Webinar: How to Boost Web Server Security with Backup

Tue, 20/02/2018 - 09:10

Join us on Tuesday, March 6th at 12 pm EST for a live webinar!

Helping our customers build a solid web server security plan is something we are very passionate about. Join this webinar to learn how to enhance your web server security with backup. Kirill Bykov, the person in charge of CloudLinux Backup for Imunify360, will go over this new product and explain how, together with core Imunify360 defense features, this comprehensive solution helps protect your servers against various threats.

As always, a Q&A session will follow the presentation.

The webinar will take place on Tuesday, March 6th at 12 pm EST / 9 am PST, and you can register for it here.

(If you can’t attend, register anyway and we’ll send you the recording after the event.)

We hope you can join us. 

 

Categories: Technology

Beta: Imunify360 2.7.3 released

Mon, 19/02/2018 - 18:36

We are pleased to announce that a new beta Imunify360 version 2.7.3 is now available.

Changelog:

Fixes

  • DEF-4065: fix for ConnectionRefusedError in lfd_block.py;
  • DEF-4098: fix for BrokenPipeError in modsec_scan_real.py;
  • DEF-4133: fixed an error on register from UI;
  • DEF-4147: action "Put malicious to quarantine" does not now support submitting - UI;
  • DEF-4148: action "Put malicious to quarantine" does not now support submitting - agent;
  • DEF-4174: fix for “database is locked during upgrade”;
  • DEF-4142: backup check now shows backup status even if error occurs;
  • DEF-4352: fixed console.log overloading with huge graylisted/blacklisted ips synclist;
  • DEF-4353: fixed console.log overloading with excessive `client360: data_received` diagnostic messages;
  • DEF-4232: fixed validation for countries;
  • DEF-4145: warning is not returned now if backup init is in progress;
  • DEF-3709: icons in features component are now aligned properly;
  • DEF-4342: fixed version cmd output.

New features

  • DEF-2654: auto-blacklisted IPs are now displayed in UI;
  • DEF-3908: improved new Backups settings page;
  • DEF-4345: added no-captcha block support;
  • DEF-4412: blacklist is now manageable in CSF mode;
  • DEF-4411: auto-blacklisted IPs UI - handle case with CSF enabled.

To install a new beta Imunify360 version 2.7.3 please follow the instructions in the documentation.

Upgrade is available since Imunify360 version 2.0-19 and later.

To upgrade Imunify360 run the command:

yum update imunify360-firewall --enablerepo=imunify360-testing

More information on Imunify360 can be found here.

Should you encounter any problems with the product or have any questions, comments or suggestions, please contact our support team at cloudlinux.zendesk.com: Imunify360 department. We’d be more than happy to help you.

Categories: Technology

Beta: CloudLinux 6 kernel updated

Mon, 19/02/2018 - 13:20

CloudLinux 6 kernel version 2.6.32-896.16.1.lve1.4.53 is available for download from our updates-testing repository.

Changelog since kernel-2.6.32-896.16.1.lve1.4.52:

  • CLKRN-219: fixed boot on Xen PV instances;
  • CKSIX-148: disabled certain printk's for UBC OOM path to not spam into dmesg log.

To install new kernel please run the following command:

yum clean all --enablerepo=cloudlinux-updates-testing && yum install kernel-2.6.32-896.16.1.lve1.4.53.el6 --enablerepo=cloudlinux-updates-testing
Categories: Technology

Beta: CloudLinux 6 kernel updated

Fri, 16/02/2018 - 16:33

CloudLinux 6 kernel version 2.6.32-896.16.1.lve1.4.52 is available for download from our updates-testing repository.

Changelog since kernel-2.6.32-896.16.1.lve1.4.51:

  • CKSIX-159: fixed WARNINGs on boot due to missing stack canary initialization;
  • CKSIX-163: added extra gmb() barriers;
  • CLKRN-225: fixed crash in ping socket disconnect.

To install new kernel please run the following command:

yum clean all --enablerepo=cloudlinux-updates-testing && yum install kernel-2.6.32-896.16.1.lve1.4.52.el6 --enablerepo=cloudlinux-updates-testing
Categories: Technology

Beta: CloudLinux 7 and CloudLinux 6 Hybrid kernel updated

Fri, 16/02/2018 - 16:29

CloudLinux 7 and CloudLinux 6 Hybrid kernel version 3.10.0-714.10.2.lve1.5.13 is available for download from our updates-testing repository.

Changelog since kernel-3.10.0-714.10.2.lve1.5.12:

  • CLKRN-219: fixed boot on Xen PV instances;
  • CLKRN-230: fixed ACL issue on XFS;
  • improved Meltdown/Spectre patch, returned missing chunks.

To install new kernel, please use the following commands:

CloudLinux 7:

yum clean all --enablerepo=cloudlinux-updates-testing && yum install kernel-3.10.0-714.10.2.lve1.5.13.el7 --enablerepo=cloudlinux-updates-testing

CloudLinux 6 Hybrid:

yum clean all --enablerepo=cloudlinux-updates-testing,cloudlinux-hybrid-testing && yum install kernel-3.10.0-714.10.2.lve1.5.13.el6h --enablerepo=cloudlinux-updates-testing,cloudlinux-hybrid-testing
Categories: Technology

Beta: Alt-Python updated

Thu, 15/02/2018 - 14:38

New updated Alt-Python packages are now available for download from our updates-testing repository.

Changelog:

alt-python34 3.4.8-1

alt-python35 3.5.5-1

Update command:

yum update alt-python* --enablerepo=cloudlinux-updates-testing
Categories: Technology

Udev updated

Thu, 15/02/2018 - 12:56

A new updated Udev package is now available for download from our production repository.

Changelog:

  • CKSIX-160: Udev package was updated to fix loading firmware on hybrid kernels.

To install run:

yum update udev
Categories: Technology

CloudLinux 7 and CloudLinux 6 Hybrid kernel updated

Wed, 14/02/2018 - 16:32

CloudLinux 7 and CloudLinux 6 Hybrid kernel version 3.10.0-714.10.2.lve1.5.12 is available for download from our production repository.

Changelog since kernel-3.10.0-714.10.2.lve1.5.9:

  • AL-2579: fixed GRUB checks when system uses UEFI;
  • CLKRN-153: fixed possible race between dentry_kill and RCU-walk;
  • CLKRN-203: fixed kernel panic;
  • CLKRN-210: fixed CVE-2017-5715 [branch target injection] also known as 'Spectre Variant 2';
  • fixed SPEC_CTRL and IBPB_SUPPORT features setting after microcode update;
  • KMODLVE-123: postpone lvp pmem limit enforcement if first attempt failed;
  • KMODLVE-149: check a notifier pointer while unregistering notifiers;
  • CLEN-61: restored serialized access to TSC through mfence;
  • restored patch to fix regression and cover CLKRN-172.

To install new kernel, please use the following commands:

CloudLinux 7:

yum clean all && yum install kernel-3.10.0-714.10.2.lve1.5.12.el7

CloudLinux 6 Hybrid:

yum clean all && yum install kernel-3.10.0-714.10.2.lve1.5.12.el6h
Categories: Technology

EasyApache 4 updated

Tue, 13/02/2018 - 16:07

New updated packages are now available for download from our production repository.

Changelog:

ea-php54-php 5.4.45-50.cloudlinux

  • HB-3287: increased open file limit for php-fpm by default.

ea-php54 5.4.45-19.cloudlinux

  • EA-6958: ensured ownership of _licensedir if it is set;
  • ZC-3247: added support for the allowed-php list to WHM’s Feature Lists.

ea-php56-php 5.6.33-5.cloudlinux

  • HB-3287: increased open file limit for php-fpm by default.

ea-php55 5.5.38-5.cloudlinux

  • EA-6958: ensured ownership of _licensedir if it is set;
  • ZC-3247: added support for the allowed-php list to WHM’s Feature Lists.

ea-php56-php 5.6.33-5.cloudlinux

  • HB-3287: increased open file limit for php-fpm by default.

ea-php56 5.6.33-4.cloudlinux

  • EA-6958: ensured ownership of _licensedir if it is set;
  • ZC-3247: added support for the allowed-php list to WHM’s Feature Lists.

ea-php70-php 7.0.27-5.cloudlinux

  • HB-3287: increased open file limit for php-fpm by default.

ea-php70 7.0.27-4.cloudlinux

  • EA-6958: ensured ownership of _licensedir if it is set;
  • ZC-3247: added support for the allowed-php list to WHM’s Feature Lists.

ea-php71-php 7.1.14-1.cloudlinux

  • HB-3287: increased open file limit for php-fpm by default;
  • EA-7204: updated to version 7.1.14.

ea-php71 7.1.14-1.cloudlinux

  • EA-6958: ensured ownership of _licensedir if it is set;
  • ZC-3247: added support for the allowed-php list to WHM’s Feature Lists;
  • EA-7204: updated to version 7.1.14.

ea-php72-php 7.2.2-1.cloudlinux

  • HB-3287: increased open file limit for php-fpm by default;
  • EA-7208: updated to version 7.2.2.

ea-php72 7.2.2-1.cloudlinux

  • EA-6958: ensured ownership of _licensedir if it is set;
  • ZC-3247: added support for the allowed-php list to WHM’s Feature Lists;
  • EA-7208: updated to version 7.2.2.

ea-php*-libc-client 2007f-11.cloudlinux

  • EA-7182: build against ea-openssl to ensure that any IMAP ssl calls made via PHP are functional.

ea-apache2 2.4.29-7.cloudlinux

  • EA-7159: use 'elinks' instead of 'links' as a dependency to ensure that EasyApache4 does not pull any packages from the EPEL repositories.

Update command:

yum update ea-*
Categories: Technology

Alt-python27-cllib updated

Mon, 12/02/2018 - 14:16

A new updated alt-python27-cllib package is now available for download from our production repository.

alt-python27-cllib-1.2-82.3

Release notes:

  • Fixed memory leak during StatsNotifier plugin (LVE-Stats 2 service) work on Plesk.

Changelog:

  • LVES-873: fixed memory leak on Plesk.

To install run:

yum install alt-python27-cllib

To update run:

yum update alt-python27-cllib

To downgrade:

yum downgrade alt-python27-cllib
Categories: Technology

CageFS updated

Mon, 12/02/2018 - 14:02

A new updated CageFS version 6.1-12 package is now available for download from our production repository.

Changelog:

  • CAG-788: added /usr/local/bin/ea-php* to CageFS;
  • CAG-755: Plesk FPM Pools now start after system reboot.

To update run:

yum update cagefs
Categories: Technology

Beta: mod_lsapi updated

Thu, 08/02/2018 - 09:50

A new updated mod_lsapi packages for CloudLinux 6 and 7 as well as for Apache 2.4 (CloudLinux 6 and CloudLinux 7) and EasyApache 4 (CloudLinux 6 and 7) are available from our updates-testing repository.

Changelog:

mod_lsapi 1.1-24

ea-apache24-mod_lsapi 1.1-24

httpd24-mod_lsapi 1.1-24

  • MODLS-483: fixed premature mutex destroying on MPM Event;
  • MODLS-482: refactored CRIU patch for PHP;
  • MODLS-472: core file size on CloudLinux 6 is now unlimited.

To update:

cPanel & RPM Based

$ yum update liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing $ yum update mod_lsapi --enablerepo=cloudlinux-updates-testing $ service httpd restart

DirectAdmin

$ yum update liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing $ cd /usr/local/directadmin/custombuild $ ./build set cloudlinux_beta yes $ ./build update $ ./build mod_lsapi

To install, follow the instructions on the link.

For EasyApache 4

To update:

$ yum update liblsapi liblsapi-devel ea-apache24-mod_lsapi --enablerepo=cl-ea4-testing --enablerepo=cloudlinux-updates-testing $ service httpd restart

To install:

$ yum-config-manager --enable cl-ea4-testing $ yum update liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing

Read http://docs.cloudlinux.com/index.html?cpanel_easyapache_4.html.

$ yum-config-manager --disable cl-ea4-testing

Go to MultiPHP Manager and enable mod_lsapi on your domains through lsapi handler.

More about MultiPHP Manager and mod_lsapi on the link.

http24 for CloudLinux 6 and CloudLinux 7

For installation/update run:

$ yum update liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing $ yum update httpd24-mod_lsapi --enablerepo=cloudlinux-updates-testing
Categories: Technology

Beta: MySQL Governor updated

Wed, 07/02/2018 - 15:42

A new updated MySQL Governor version 1.2-33 is available for download from our updates-testing repository.

Changelog:

governor-mysql 1.2-33

  • MYSQLG-239: implemented dbuser-map for Plesk.

To update run:

$ yum update governor-mysql --enablerepo=cloudlinux-updates-testing $ service db_governor restart

To install run:

$ yum install governor-mysql --enablerepo=cloudlinux-updates-testing $ /usr/share/lve/dbgovernor/mysqlgovernor.py --install
Categories: Technology

KernelCare fixes Meltdown and Spectre without reboots!

Tue, 06/02/2018 - 17:43

KernelCare now live patches Meltdown and Spectre that exploit critical vulnerabilities in modern processors. The list of supported distributions is available below. Free trial supports updates too.

By now, you might have thought that the topic of Meltdown and Spectre vulnerabilities is taking a backstage in the news. Not so, as the impact and the solutions to resolve the issues seem to be the talk of the technical community still.

Manu talented engineers across OS vendors, cloud computing companies, and many other technology companies have worked around the clock to develop fixes, to test them, and to apply. Those fixes are designed to eradicate the issue that could cause a massive security breach, and eliminate performance slowdowns. The fixes are meant to prevent programs from peaking inside the kernel’s memory and the impact of which, especially in the hosting community, can be severe.

There are instances of proof of concept code available publicly that can exploit Meltdown and Specter vulnerabilities. It is suspected that hackers are weaponizing them. Not addressing these vulnerabilities, now that after 20 years they have been made public, is not really an option.

Many cloud providers and enterprises are looking to release fixes but the need for a reboot complicates the process as it brings down servers of all of their customers and business units. Not to mention the amount of internal resources and organizations needed for such operation is massive. Because of that, many companies have not yet updated their servers. All our customers have been challenged with this issue, and many have contacted us asking for a solution.

More than half-dozen of our kernel developers have been working diligently to come up with the KernelCare solution - patches that would fix the Meltdown and Spectre issues without customers needing to reboot servers. It proved to be a challenging task, but after working continuously on developing a solution, they finally did!

Our live patching technology, KernelCare, delivers uninterrupted security updates of the kernel -- without any interference or downtime for software running on the server. It fixes only the affected part, without actually rebooting or restarting the server. With these pinpointed updates, we can minimize the change and do it live. Launched over 3 years ago, now with over 100,000 servers running KernelCare, we are the only live patching vendor for the below-mentioned distributions delivering patches for Meltdown and Spectre vulnerabilities.

Meltdown and Spectre fixes require reboots. Not with KernelCare. If you don't have KernelCare, you can get the FREE TRIAL, and update all kernels, on an unlimited number of servers, without reboots now. 

. . .

Currently, we have launched Meltdown / Spectre patches for:
  • CentOS 7 and CentOS 7 Plus
  • RHEL 7
  • CloudLinux 7, hybrid
  • Proxmox VE3.10
Coming soon:
  • CentOS 6
  • RHEL 6
  • CloudLinux 6
  • Virtuozzo 6
  • Ubuntu
  • Debian
  • others

* Xen PV is not (and will not) supported

This blog post outlines timely updates

 

Categories: Technology

Beta: LVE Manager, CageFS, and liblve updated

Tue, 06/02/2018 - 09:51

New updated LVE Manager, CageFS, and liblve packages are available for download from our updates-testing repository.

Changelog:

lvemanager-3.0-39

  • LVEMAN-1221: fixed selectorctl and cagefsctl errors related to php-fpm binary.

liblve-1.5-8

  • LIBLVE-13: CageFS mounts is more secure now.

cagefs-6.1-13

  • LVEMAN-1221: fixed selectorctl and cagefsctl errors related to php-fpm binary.

To update run:

yum update cagefs --enablerepo=cloudlinux-updates-testing cagefsctl --remount-all
Categories: Technology

Pages

Additional Terms