The check_cpanel_pkgs Script

Valid for versions 102 through the latest version

Version:

102

Last modified: February 20, 2024

Overview

The /usr/local/cpanel/scripts/check_cpanel_pkgs script scans every installed cPanel-managed package on your server for problems. This script can also reinstall any affected cPanel & WHM packages to repair them.

Note:

To run the /usr/local/cpanel/scripts/check_cpanel_pkgs script nightly, use the Maintenance cPanel RPM Check and Maintenance cPanel RPM Digest Check settings in the Software section of WHM’s Tweak Settings interface (WHM » Home » Server Configuration » Tweak Settings).

Script functions

The /usr/local/cpanel/scripts/check_cpanel_pkgs script performs four basic functions each time that it runs:

Discovers missing packages.
Tracks packages that are out-of-date and need updates.
Checks for any altered packages. Altered packages meet any of the following conditions:
- Their mode has changed.
- An MD5 checksum does not exist.
- They are symlinks, and the file points to the wrong path.
- They are missing.
Checks whether to uninstall any cPanel-managed package.

Note:

The /usr/local/cpanel/scripts/check_cpanel_pkgs script runs for a few minutes. If it does not detect any problems, it will not produce any output and exit to the command prompt.
The /usr/local/cpanel/scripts/check_cpanel_pkgs script does not check for problems with incorrect file permissions.

Run the script

To run the /usr/local/cpanel/scripts/check_cpanel_pkgs script on the command line, use the following format:

/usr/local/cpanel/scripts/check_cpanel_pkgs [options]

Options

You can use the following options with the /usr/local/cpanel/scripts/check_cpanel_pkgs script:

Options	Description
`--download-only`	Downloads any missing packages to the `/usr/local/cpanel/tmp/rpm.versions` file, then exits. The script downloads a new copy of a package only if the package is missing. If the package already exists, the script lists the package name only and then exits.
`--fix`	Shows any problems and automatically corrects them.
`--list-only`	Lists altered packages and exits.
`--long-list`	Shows the altered packages and files in an easily-parsed format.
`--no-broken`	Installs missing packages and uninstalls unneeded packages. The script does not check for broken packages.
`--no-digest`	Skips file-digest checks. The script does not check for changes to the file contents.
`--nodir`	The script does not read the `/var/cpanel/rpm.versions.d` directory.
`--notify`	Sends a notification that lists any altered packages. Then, the script describes any actions that the system performed.
`--targets`	Filters packages based on provided targets (comma-delimited).

Example

For example, to use the --fix option, run the following command:

/usr/local/cpanel/scripts/check_cpanel_pkgs --fix

Checks performed

The /usr/local/cpanel/scripts/check_cpanel_pkgs script runs a verification check on all cPanel-managed packages. This checks for changes in the files since their installation. The script does not check configuration and documentation files.

Note:

If the output indicates that only Mode or mTime have changed, the script will not report that as an altered package.

The output of the verification check lists the following changes:

Check	Description
`S`	File size differs.
`M`	Mode differs. This includes permissions and file type.
`5`	MD5 sum differs.
`D`	Device major or minor number mismatch.
`L`	`readLink(2)` path mismatch.
`U`	User ownership differs.
`G`	Group ownership differs.
`T`	`mTime` differs. `mTime` refers to the last time the file was modified.
`P`	Capabilities differ.