ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://www.forum.configserver.com/

unlogged changes to certutil and others

https://www.forum.configserver.com/viewtopic.php?t=6206

Page 1 of 1

unlogged changes to certutil and others

Posted: 02 Feb 2013, 19:26
by karunadave
Yesterday I received from lfd system integrity check
/usr/bin/certutil: FAILED
/usr/bin/cmsutil: FAILED
/usr/bin/crlutil: FAILED
/usr/bin/modutil: FAILED
/usr/bin/pk12util: FAILED
/usr/bin/signtool: FAILED
/usr/bin/signver: FAILED
/usr/bin/ssltap: FAILED
/usr/sbin/nscd: FAILED

No record of a change in the CPanel update logs (/var/cpanel/updatelogs) can be found.

Previously have found entries in the update logs with these integrity check are done (or if I have updated something myself.

I am worried, should I now panic? :eek:

Re: unlogged changes to certutil and others

Posted: 02 Feb 2013, 23:15
by sawbuck
I'd say it depends on what platform you're on. In my experience, vps servers for instance, OS level updates can be initiated by the host that LFD may recognize but cPanel doesn't.

Re: unlogged changes to certutil and others

Posted: 03 Feb 2013, 05:49
by karunadave
I checked, it is an un-managed VPS, they say they don't modify OS files.

So, time to hit the panic button. I don't seem to have rights to post to the CPanel forums (although I do have a logon) to ask if these files have been modified in an unlogged way.

Re: unlogged changes to certutil and others

Posted: 03 Feb 2013, 08:45
by ForumAdmin
The simplest way to look into these is with:

Code: Select all

# rpm -qf /usr/bin/modutil
nss-tools-3.13.6-3.el5_9

Code: Select all

# rpm -qi nss-tools
Name        : nss-tools                    Relocations: (not relocatable)
Version     : 3.13.6                            Vendor: CentOS
Release     : 3.el5_9                       Build Date: Thu 31 Jan 2013 09:04:27 PM GMT
Install Date: Fri 01 Feb 2013 12:06:37 AM GMT      Build Host: builder17.centos.org
Group       : System Environment/Base       Source RPM: nss-3.13.6-3.el5_9.src.rpm
Size        : 2692696                          License: MPLv1.1 or GPLv2+ or LGPLv2+
Signature   : DSA/SHA1, Thu 31 Jan 2013 09:57:43 PM GMT, Key ID a8a447dce8562897
URL         : http://www.mozilla.org/projects/security/pki/nss/
Summary     : Tools for the Network Security Services
Description :
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications. Applications built with NSS can support SSL v2
and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509
v3 certificates, and other security standards.

Install the nss-tools package if you need command-line tools to
manipulate the NSS certificate and key database.
Note the Install Date.
All times are UTC+01:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited