Update caused CLI interface error

Read 18273 times
Hi to all,

Earlier today I carried out an update on my server as part of the daily Atomic Secured Linux function,  after completing this I have now noticed the following error when running the diagnostics.php page.

Code: [Select]
Checking CLI interface Failed
ccmanage returned no output; Centova Cast definitely will NOT operate in this state


This above error is only effecting access to the "Manage Accounts" with regards to the "Username" which if any are pressed gives the following access error.

Code: [Select]
Error loading account: No response, possible configuration problem ()

This stop me gaining access and has also stop the streams from restarting after the server was rebooted.

All other areas of the administration panel can be accessed without issue and within the diagnostics.php page all areas are shown as green OK apart from the one above, I therefore wondered if anyone could give a suggestion as to what needs to be checked?

Here is a list of what was updated by ASL.

Code: [Select]
---> Package php-pdo.x86_64 0:5.2.11-3.el5.art set to be updated
---> Package php-bcmath.x86_64 0:5.2.11-3.el5.art set to be updated
---> Package php-mysql.x86_64 0:5.2.11-3.el5.art set to be updated
---> Package qmail-scanner.x86_64 1:2.08-1.el5.art set to be updated
---> Package php-mcrypt.x86_64 0:5.2.11-3.el5.art set to be updated
---> Package php-xml.x86_64 0:5.2.11-3.el5.art set to be updated
---> Package ovaldi.x86_64 0:5.6.3-1.el5.art set to be updated
---> Package php-imap.x86_64 0:5.2.11-3.el5.art set to be updated
---> Package php-gd.x86_64 0:5.2.11-3.el5.art set to be updated
---> Package php-odbc.x86_64 0:5.2.11-3.el5.art set to be updated
---> Package mod_security.x86_64 0:2.5.10-1.el5.art set to be updated
---> Package php-common.x86_64 0:5.2.11-3.el5.art set to be updated
---> Package ossec-hids-server.x86_64 0:2.2-4.el5.art set to be updated
---> Package php-mbstring.x86_64 0:5.2.11-3.el5.art set to be updated
---> Package ossec-hids.x86_64 0:2.2-4.el5.art set to be updated
---> Package php-devel.x86_64 0:5.2.11-3.el5.art set to be updated
---> Package php.x86_64 0:5.2.11-3.el5.art set to be updated
---> Package php-ioncube-loader.x86_64 1:3.3.1-1.el5.art set to be updated
---> Package php-cli.x86_64 0:5.2.11-3.el5.art set to be updated
Hi to all,

Still having big issues accessing the Centova Cast client admin. I noticed the following when setting my ASL (Atomic Secured Linux) web-gui Security Events to 1 there are loads of the following for each attempt I try to login.

Code: [Select]
kernel: grsec: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:5967] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:2981] uid/euid:48/48 gid/egid:48/48

So my question for this error is how do I add Centova Cast as trusted or am I missing the point on this one?

Here is a bigger snap shot.

Code: [Select]
10Dec 17:54:14 2 1002 kernel: grsec: From 93.97.221.117: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:6699] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:2978] uid/euid:48/48 gid/egid:48/48
10Dec 17:35:57 2 1002 kernel: grsec: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:5967] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:2981] uid/euid:48/48 gid/egid:48/48
10Dec 17:00:14 2 1002 kernel: grsec: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:3626] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:2977] uid/euid:48/48 gid/egid:48/48
10Dec 16:52:26 2 1002 kernel: grsec: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:16161] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:16152] uid/euid:48/48 gid/egid:48/48
10Dec 16:43:47 2 1002 kernel: grsec: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:15871] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:15834] uid/euid:48/48 gid/egid:48/48
10Dec 16:43:19 2 1002 kernel: grsec: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:15851] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:15833] uid/euid:48/48 gid/egid:48/48
10Dec 16:43:13 2 1002 kernel: grsec: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:15845] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:15835] uid/euid:48/48 gid/egid:48/48
10Dec 16:42:19 2 1002 kernel: grsec: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:15790] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:15172] uid/euid:48/48 gid/egid:48/48
10Dec 16:25:46 2 1002 kernel: grsec: From 217.36.208.45: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:15176] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:14794] uid/euid:48/48 gid/egid:48/48
10Dec 16:25:46 2 1002 kernel: grsec: From 217.36.208.45: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:15171] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:14793] uid/euid:48/48 gid/egid:48/48
10Dec 16:25:46 2 1002 kernel: grsec: From 217.36.208.45: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:15165] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:14796] uid/euid:48/48 gid/egid:48/48
10Dec 16:18:18 2 1002 kernel: grsec: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:14804] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:14792] uid/euid:48/48 gid/egid:48/48
10Dec 16:17:13 2 1002 kernel: grsec: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:14742] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:14718] uid/euid:48/48 gid/egid:48/48
10Dec 16:17:09 2 1002 kernel: grsec: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:14739] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:14722] uid/euid:48/48 gid/egid:48/48
10Dec 16:16:59 2 1002 kernel: grsec: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:14733] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:14720] uid/euid:48/48 gid/egid:48/48
10Dec 16:01:32 2 1002 kernel: grsec: denied untrusted exec of /home/centovacast/system/runascc/runascc by /bin/bash[sh:14243] uid/euid:48/48 gid/egid:48/48, parent /usr/sbin/httpd[httpd:12707] uid/euid:48/48 gid/egid:48/48


Some information from Centova Cast relating to the CLI interface giving no responce.

Code: [Select]
If only "Checking CLI interface" reports Failed, then it's likely that there is a problem with your PHP CLI binary.  In this case, login via SSH and run the following command:

php -q /home/centovacast/system/ccmanage.php version check all

(Note that the command may appear wordwrapped above, but it should be entered all on one line.)  If this command does not display any output, then there is a problem with your PHP CLI binary and you need to have your systems administrator fix this.

If it does display any output (ending with a line that says "OK Centova Cast vx.x.x"), then try the following command as well:

/home/centovacast/system/runascc/runascc exec ccmanage version check all

(Note that the command may appear wordwrapped above, but it should be entered all on one line.)  If this last command does not display any output, then you probably have more than one PHP CLI binary installed on your server, and one of them is broken (and Centova Cast is inadvertently chosing the broken one).  You simply need to identify the broken one and remove it.  Ask your systems administrator to check the /usr/bin, /usr/local/bin, and /bin directories, identify the bad copy of the PHP CLI binary, and remove it.


So after inputting

Code: [Select]
php -q /home/centovacast/system/ccmanage.php version check all

The following is outputted

Code: [Select]
php -q /home/centovacast/system/ccmanage.php version check all
DAT version=2.2.4|loadavg1=2.63|loadavg5=3.11|loadavg15=3.28|uptime=3854.42|os=Linux|osversion=2.6.29.6-1.art.x86_64|accounts=12|activeaccounts=12
OK Centova Cast v2.2.4


So tried second command

Code: [Select]
/home/centovacast/system/runascc/runascc exec ccmanage version check all

The following is outputted

Code: [Select]
/home/centovacast/system/runascc/runascc exec ccmanage version check all
DAT version=2.2.4|loadavg1=2.20|loadavg5=2.65|loadavg15=3.04|uptime=4209.24|os=Linux|osversion=2.6.29.6-1.art.x86_64|accounts=12|activeaccounts=12
OK Centova Cast v2.2.4


So as we can see there appears to be no problems yet no one can access the administration panel due to the problem with no output

Code: [Select]
ccmanage returned no output; Centova Cast definitely will NOT operate in this state

This all started with me updating PHP 5.2.11-3 from the atomic testing repo, I have added a post http://atomicsecuredlinux.com/forum/viewtopic.php?f=12&t=3562 relating to an error with a missing dependency libt1.so.5 from atomic testing needed by package php-gd-5.2.11-3.el5.art.i386 so not sure if this is all related?

Many thanks for any advice anyone could offer on this.

Regards
Mark