The check_cpanel_pkgs Script

Valid for versions 102 through the latest version

Version:

100

102


Last modified: December 22, 2021

Overview

The /usr/local/cpanel/scripts/check_cpanel_pkgs script scans every installed cPanel-managed package on your server for problems. This script can also reinstall any affected cPanel & WHM packages to repair them.

Note:

To run the /usr/local/cpanel/scripts/check_cpanel_pkgs script nightly, use the Maintenance cPanel RPM Check and Maintenance cPanel RPM Digest Check settings in the Software section of WHM’s Tweak Settings interface (WHM >> Home >> Server Configuration >> Tweak Settings).

Script functions

The /usr/local/cpanel/scripts/check_cpanel_pkgs script performs four basic functions each time that it runs:

  1. Discovers missing packages.
  2. Tracks packages that are out-of-date and need updates.
  3. Checks for any altered packages. Altered packages meet any of the following conditions:
    • Their mode has changed.
    • An MD5 checksum does not exist.
    • They are symlinks, and the file points to the wrong path.
    • They are missing.
  4. Checks whether to uninstall any cPanel-managed package.
Note:
  • The /usr/local/cpanel/scripts/check_cpanel_pkgs script runs for a few minutes. If it does not detect any problems, it will not produce any output and exit to the command prompt.
  • The /usr/local/cpanel/scripts/check_cpanel_pkgs script does not check for problems with incorrect file permissions.

Run the script

To run the /usr/local/cpanel/scripts/check_cpanel_pkgs script on the command line, use the following format:

/usr/local/cpanel/scripts/check_cpanel_pkgs [options]

Options

You can use the following options with the /usr/local/cpanel/scripts/check_cpanel_pkgs script:

Options Description
--download-only Downloads any missing packages to the /usr/local/cpanel/tmp/rpm.versions file, then exits.
  • The script downloads a new copy of a package only if the package is missing.
  • If the package already exists, the script lists the package name only and then exits.
--fix Shows any problems and automatically corrects them.
--list-only Lists altered packages and exits.
--long-list Shows the altered packages and files in an easily-parsed format.
--no-broken Installs missing packages and uninstalls unneeded packages. The script does not check for broken packages.
--no-digest Skips file-digest checks. The script does not check for changes to the file contents.
--nodir The script does not read the /var/cpanel/rpm.versions.d directory.
--notify Sends a notification that lists any altered packages. Then, the script describes any actions that the system performed.
--targets Filters packages based on provided targets (comma-delimited).

Example

For example, to use the --fix option, run the following command:

/usr/local/cpanel/scripts/check_cpanel_pkgs --fix

Checks performed

The /usr/local/cpanel/scripts/check_cpanel_pkgs script runs a verification check on all cPanel-managed packages. This checks for changes in the files since their installation. The script does not check configuration and documentation files.

Note:

If the output indicates that only Mode or mTime have changed, the script will not report that as an altered package.

The output of the verification check lists the following changes:

Check Description
S File size differs.
M Mode differs. This includes permissions and file type.
5 MD5 sum differs.
D Device major or minor number mismatch.
L readLink(2) path mismatch.
U User ownership differs.
G Group ownership differs.
T mTime differs. mTime refers to the last time the file was modified.
P Capabilities differ.

Additional Documentation