Major Warnings after Yum Update in Log Watch
 

Hi, I am a newbie to this forum and to linux in general. I rent my own dedicated server and had it secured with a cPanel Service Package
+ MailScanner package from ConfigServer. I am greener than green, but have been trying to learn as much as I can when I can. Server: Linux CENTOS 5.4 x86_64 standard

Been reading my daily warning messages for sometime now and until last Friday I never really saw any differences in data. On Friday there was an update as logged in logwatch along with hundreds of warning similar to these:
These are the last lines of hundreds. I also was getting hundreds of warings in my service check logs also, but when I searched the net for some info I came across a post that stated removing port 53 from
UDP IN and OUT would help. I did this in csf firewall settings in WHM. This removed most of the warnings from my service checks but no effect on my logwatch logs. Is disabling port 53 from UDP In and Out the right thing to do?

I have everything automated and get yum updates regularily but have never had this issue before.
Here are a few lines of the yum update:

Appreciate any help or guidance to allow me to resolve/understand this issue better.

Hi. Your server was 5.3 until the mentioned time, and then it upgraded it self to 5.4 :-) CentOS 5.4 was released just few days ago, so this update (rather upgrade) is legitimate.

...and wrt Logwatch
If you have verified these resolver warnings are no longer in your log file then it depends on the --range of Logwatch reporting. If it's "Today" then older warnings should disappear the next time you run Logwatch. OTOH if you choose a setting like "All" then these warnings will still show. To verify this you could easily run 'logwatch' from the commandline like 'logwatch --detail Med --print --range Today --service SERVICENAME' where "SERVICENAME" is the name of the service (nameserver, named, bind, dns, whatever else applicable).

Thanks for the replies.
Okay so now I know what the upgrade actually was as there was no reference to the words CentOS 5.4 anywhere that I could see. So I can ignore these warning then I suppose as they are not serious. Is there anywhere I can go to learn what these warnings are actually saying?

Okay when I check the log files in WHM I see these warnings going back to the very day that the update occurred.

How do I determine whatever else is applicable and what is not?

Sorry for my ignorance, but I'm a trying...

Update: Turns out I was still looking through my saved log files when I said they went back to Friday when the update occurred. The logs turn over every two days it looks like. I counted 6798 warnings during these two days (25-26). I also noticed that not all the warnings are the same.

These ones seem to repeat every five minutes. Not sure what this is about.

I think the only clue would be the RPM that updates /etc/redhat-release (as in "centos-release-5-4.*.rpm").


Please be specific. Which warnings? As I told you before warnings should be investigated (and understood) not neglected. However messages of the informational level, like Yum installation or update log lines, are just that: informational. If OTOH you mean the "network unreachable resolving (AAAA|A)" ones then search for "AAAA record" or see http://en.wikipedia.org/wiki/List_of_DNS_record_types. The "working directory is not writable" should be self-explanatory and the "using.*port" and "using.*sockets" are informational too.


I should have said "If you have verified these resolver warnings are no longer in your log file today".


Sorry. With "whatever else is applicable" I meant any other service name that the DNS service runs as.


The "lame server" is a typical message informing you that the remote NS that should resolve these addresses is not the authoritive NS for that domain. In BIND you get rid (stop logging them) of those messages using Like these lame delegations the REFUSED line also indicates a remote problem.