logwatch report Connections (secure-log) Begin

pumkum · 02-13-2009, 08:30 AM

Hi

In my logwatch report i keep getting these errors

is it a concern?

what does it mean? is there a site or doc on this?

--------------------- Connections (secure-log) Begin ------------------------

**Unmatched Entries**
Cp-Wrap[5023]: Pushing "32081 GETDOMAINIP danemname.com " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32081
Cp-Wrap[5023]: CP-Wrapper terminated without error
Cp-Wrap[5025]: Pushing "32081 LISTSUBDOMAINS 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32081
Cp-Wrap[5025]: CP-Wrapper terminated without error
Cp-Wrap[5027]: Pushing "32081 LISTMULTIPARKED 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32081
Cp-Wrap[5027]: CP-Wrapper terminated without error
Cp-Wrap[5029]: Pushing "32081 COUNTDBS" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32081
Cp-Wrap[5029]: CP-Wrapper terminated without error
Cp-Wrap[5033]: Pushing "32081 GETDISK" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32081
Cp-Wrap[5033]: CP-Wrapper terminated without error
Cp-Wrap[5511]: Pushing "513 GETDOMAINIP demodoain.biz " to '/usr/local/cpanel/bin/apacheadmin' for UID: 513
Cp-Wrap[5511]: CP-Wrapper terminated without error
Cp-Wrap[5513]: Pushing "513 LISTSUBDOMAINS 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 513
Cp-Wrap[5513]: CP-Wrapper terminated without error
Cp-Wrap[5515]: Pushing "513 LISTMULTIPARKED 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 513
Cp-Wrap[5515]: CP-Wrapper terminated without error
Cp-Wrap[5517]: Pushing "513 COUNTDBS" to '/usr/local/cpanel/bin/mysqladmin' for UID: 513
Cp-Wrap[5517]: CP-Wrapper terminated without error
Cp-Wrap[5523]: Pushing "513 GETDISK" to '/usr/local/cpanel/bin/mysqladmin' for UID: 513
Cp-Wrap[5523]: CP-Wrapper terminated without error
Cp-Wrap[5526]: Pushing "513 LISTSTORE 0 0 " to '/usr/local/cpanel/bin/ftpadmin' for UID: 513
Cp-Wrap[5526]: CP-Wrapper terminated without error
Cp-Wrap[5551]: Pushing "513 DBCACHE " to '/usr/local/cpanel/bin/mysqladmin' for UID: 513
Cp-Wrap[5551]: CP-Wrapper terminated without error
Cp-Wrap[5816]: Pushing "513 DBCACHE " to '/usr/local/cpanel/bin/mysqladmin' for UID: 513
Cp-Wrap[5816]: CP-Wrapper terminated without error
Cp-Wrap[5842]: Pushing "513 ADDDB broadcast" to '/usr/local/cpanel/bin/mysqladmin' for UID: 513
Cp-Wrap[5842]: CP-Wrapper terminated without error
Cp-Wrap[5852]: Pushing "513 DBCACHE " to '/usr/local/cpanel/bin/mysqladmin' for UID: 513
Cp-Wrap[5852]: CP-Wrapper terminated without error
Cp-Wrap[18659]: Pushing "32101 GETDOMAINIP testdemo.org " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32101
Cp-Wrap[18659]: CP-Wrapper terminated without error
Cp-Wrap[18661]: Pushing "32101 LISTSUBDOMAINS 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32101
Cp-Wrap[18661]: CP-Wrapper terminated without error
Cp-Wrap[18663]: Pushing "32101 LISTMULTIPARKED 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 32101
Cp-Wrap[18663]: CP-Wrapper terminated without error
Cp-Wrap[18665]: Pushing "32101 COUNTDBS" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32101
Cp-Wrap[18665]: CP-Wrapper terminated without error
Cp-Wrap[18669]: Pushing "32101 GETDISK" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32101
Cp-Wrap[18669]: CP-Wrapper terminated without error
Cp-Wrap[21288]: Pushing "32101 COUNTDBS" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32101
Cp-Wrap[21288]: CP-Wrapper terminated without error
Cp-Wrap[21292]: Pushing "32101 GETDISK" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32101
Cp-Wrap[21292]: CP-Wrapper terminated without error
Cp-Wrap[21358]: Pushing "32101 DBCACHE " to '/usr/local/cpanel/bin/mysqladmin' for UID: 32101
Cp-Wrap[21358]: CP-Wrapper terminated without error
Cp-Wrap[21503]: Pushing "32101 ADDDB dddd" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32101
Cp-Wrap[21503]: CP-Wrapper terminated without error
Cp-Wrap[21515]: Pushing "32101 DBCACHE " to '/usr/local/cpanel/bin/mysqladmin' for UID: 32101
Cp-Wrap[21515]: CP-Wrapper terminated without error
Cp-Wrap[21524]: Pushing "32101 ADDUSER sdddd XXXXXXXXXXX" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32101
Cp-Wrap[21524]: CP-Wrapper terminated without error
Cp-Wrap[21633]: Pushing "32101 DBCACHE " to '/usr/local/cpanel/bin/mysqladmin' for UID: 32101
Cp-Wrap[21633]: CP-Wrapper terminated without error
Cp-Wrap[24039]: Pushing "32101 COUNTDBS" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32101
Cp-Wrap[24039]: CP-Wrapper terminated without error
Cp-Wrap[24043]: Pushing "32101 GETDISK" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32101
Cp-Wrap[24043]: CP-Wrapper terminated without error
Cp-Wrap[24069]: Pushing "32101 DBCACHE " to '/usr/local/cpanel/bin/mysqladmin' for UID: 32101
Cp-Wrap[24069]: CP-Wrapper terminated without error
Cp-Wrap[25964]: Pushing "511 GETDOMAINIP bodybuildd.com " to '/usr/local/cpanel/bin/apacheadmin' for UID: 511
Cp-Wrap[25964]: CP-Wrapper terminated without error
Cp-Wrap[25966]: Pushing "511 LISTSUBDOMAINS 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 511
Cp-Wrap[25966]: CP-Wrapper terminated without error
Cp-Wrap[25968]: Pushing "511 LISTMULTIPARKED 0 " to '/usr/local/cpanel/bin/apacheadmin' for UID: 511
Cp-Wrap[25968]: CP-Wrapper terminated without error
Cp-Wrap[25970]: Pushing "511 COUNTDBS" to '/usr/local/cpanel/bin/mysqladmin' for UID: 511
Cp-Wrap[25970]: CP-Wrapper terminated without error
Cp-Wrap[25974]: Pushing "511 GETDISK" to '/usr/local/cpanel/bin/mysqladmin' for UID: 511
Cp-Wrap[25974]: CP-Wrapper terminated without error
Cp-Wrap[26079]: Pushing "511 DBCACHE " to '/usr/local/cpanel/bin/mysqladmin' for UID: 511
Cp-Wrap[26079]: CP-Wrapper terminated without error
Cp-Wrap[26099]: Pushing "511 CHECKDB bodybuil_video" to '/usr/local/cpanel/bin/mysqladmin' for UID: 511
Cp-Wrap[26099]: CP-Wrapper terminated without error
Cp-Wrap[26111]: Pushing "511 DBCACHE " to '/usr/local/cpanel/bin/mysqladmin' for UID: 511
Cp-Wrap[26111]: CP-Wrapper terminated without error
Cp-Wrap[27406]: Pushing "32081 COUNTDBS" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32081
Cp-Wrap[27406]: CP-Wrapper terminated without error
Cp-Wrap[27410]: Pushing "32081 GETDISK" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32081
Cp-Wrap[27410]: CP-Wrapper terminated without error
Cp-Wrap[27467]: Pushing "32081 COUNTDBS" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32081
Cp-Wrap[27467]: CP-Wrapper terminated without error
Cp-Wrap[27470]: Pushing "32081 GETDISK" to '/usr/local/cpanel/bin/mysqladmin' for UID: 32081
Cp-Wrap[27470]: CP-Wrapper terminated without error
Cp-Wrap[27485]: Pushing "32081 DBCACHE " to '/usr/local/cpanel/bin/mysqladmin' for UID: 32081
Cp-Wrap[27485]: CP-Wrapper terminated without error

---------------------- Connections (secure-log) End -------------------------

and i get this now

--------------------- Kernel Begin ------------------------

WARNING: General Protection Faults in these executables
php5 : 3 Time(s)

---------------------- Kernel End -------------------------

how do i tell whats causing this?

or how do i fix it?

Thanks

unSpawn · 02-14-2009, 04:36 AM

Quote:

Originally Posted by pumkum

is it a concern? what does it mean? is there a site or doc on this?

cpwrap (mysqlwrap) is a setuid wrapper Cpanel uses to talk to MySQL. Apparently it's logging whatever it does. If it's a concern I don't know as I'm not familiar with Cpanel but I'd say "it depends". Say if a certain UID shouldn't issue a certain command. The fact each entry is closed with a "CP-Wrapper terminated without error" statement only means cpwrap itself exited OK and says nothing about the legitimacy of the logged request AFAIK. Documentation should be provided by Cpanel author or vendor.

Quote:

Originally Posted by pumkum

WARNING: General Protection Faults in these executables
php5 : 3 Time(s)

how do i tell whats causing this?

Hard to tell. Best check your logs and read loglines in the vincinity of any logged GPF's (might also check logrotated logs).