[SOLVED] Update 7.6 killed vsftpd

General support questions
Post Reply
ciccipuzzo
Posts: 4
Joined: 2018/12/05 14:27:57

[SOLVED] Update 7.6 killed vsftpd

Post by ciccipuzzo » 2018/12/05 14:50:02

Hello,
last night cron installed many updates on my FTP/SFTP server.
These are all the updated packages:

Code: Select all

Dec 05 14:08:20 Updated: libgcc.x86_64 4.8.5-36.el7
Dec 05 14:08:21 Updated: grub2-common.noarch 1:2.02-0.76.el7.centos
Dec 05 14:08:21 Updated: grub2-pc-modules.noarch 1:2.02-0.76.el7.centos
Dec 05 14:08:21 Updated: bind-license.noarch 32:9.9.4-72.el7
Dec 05 14:08:21 Updated: kbd-legacy.noarch 1.15.5-15.el7
Dec 05 14:08:22 Updated: kbd-misc.noarch 1.15.5-15.el7
Dec 05 14:08:23 Updated: tzdata.noarch 2018g-1.el7
Dec 05 14:08:29 Updated: glibc-common.x86_64 2.17-260.el7
Dec 05 14:08:30 Updated: glibc.x86_64 2.17-260.el7
Dec 05 14:08:30 Updated: bash.x86_64 4.2.46-31.el7
Dec 05 14:08:30 Updated: libsepol.x86_64 2.5-10.el7
Dec 05 14:08:31 Updated: libselinux.x86_64 2.5-14.1.el7
Dec 05 14:08:31 Updated: zlib.x86_64 1.2.7-18.el7
Dec 05 14:08:31 Updated: audit-libs.x86_64 2.8.4-4.el7
Dec 05 14:08:31 Updated: libuuid.x86_64 2.23.2-59.el7
Dec 05 14:08:31 Updated: libcom_err.x86_64 1.42.9-13.el7
Dec 05 14:08:31 Updated: elfutils-libelf.x86_64 0.172-2.el7
Dec 05 14:08:32 Updated: coreutils.x86_64 8.22-23.el7
Dec 05 14:08:32 Updated: krb5-libs.x86_64 1.15.1-34.el7
Dec 05 14:08:33 Updated: openssl-libs.x86_64 1:1.0.2k-16.el7
Dec 05 14:08:33 Updated: libblkid.x86_64 2.23.2-59.el7
Dec 05 14:08:34 Updated: python-libs.x86_64 2.7.5-76.el7
Dec 05 14:08:34 Updated: python.x86_64 2.7.5-76.el7
Dec 05 14:08:35 Updated: centos-release.x86_64 7-6.1810.2.el7.centos
Dec 05 14:08:35 Updated: libsemanage.x86_64 2.5-14.el7
Dec 05 14:08:35 Updated: findutils.x86_64 1:4.5.11-6.el7
Dec 05 14:08:35 Updated: libmount.x86_64 2.23.2-59.el7
Dec 05 14:08:36 Updated: glib2.x86_64 2.56.1-2.el7
Dec 05 14:08:36 Updated: file-libs.x86_64 5.11-35.el7
Dec 05 14:08:36 Updated: file.x86_64 5.11-35.el7
Dec 05 14:08:37 Updated: libstdc++.x86_64 4.8.5-36.el7
Dec 05 14:08:37 Updated: logrotate.x86_64 3.8.6-17.el7
Dec 05 14:08:37 Updated: tar.x86_64 2:1.26-35.el7
Dec 05 14:08:37 Updated: ethtool.x86_64 2:4.8-9.el7
Dec 05 14:08:38 Updated: libicu.x86_64 50.1.2-17.el7
Dec 05 14:08:38 Updated: setools-libs.x86_64 3.3.8-4.el7
Dec 05 14:08:39 Updated: gsettings-desktop-schemas.x86_64 3.28.0-2.el7
Dec 05 14:08:39 Updated: libsemanage-python.x86_64 2.5-14.el7
Dec 05 14:08:39 Updated: grubby.x86_64 8.28-25.el7
Dec 05 14:08:39 Updated: setup.noarch 2.8.71-10.el7
Dec 05 14:08:40 Updated: shadow-utils.x86_64 2:4.1.5.1-25.el7
Dec 05 14:08:40 Updated: audit-libs-python.x86_64 2.8.4-4.el7
Dec 05 14:08:40 Updated: libselinux-python.x86_64 2.5-14.1.el7
Dec 05 14:08:40 Updated: python-linux-procfs.noarch 0.4.9-4.el7
Dec 05 14:08:40 Updated: python-urlgrabber.noarch 3.10-9.el7
Dec 05 14:08:40 Updated: python-perf.x86_64 3.10.0-957.1.3.el7
Dec 05 14:08:41 Updated: python-firewall.noarch 0.5.3-5.el7
Dec 05 14:08:41 Updated: libssh2.x86_64 1.4.3-12.el7
Dec 05 14:08:42 Updated: binutils.x86_64 2.27-34.base.el7
Dec 05 14:08:42 Updated: libss.x86_64 1.42.9-13.el7
Dec 05 14:08:42 Updated: e2fsprogs-libs.x86_64 1.42.9-13.el7
Dec 05 14:08:43 Updated: GeoIP.x86_64 1.5.0-13.el7
Dec 05 14:08:43 Updated: gnutls.x86_64 3.3.29-8.el7
Dec 05 14:08:43 Updated: glib-networking.x86_64 2.56.1-1.el7
Dec 05 14:08:43 Installed: libpng.x86_64 2:1.5.13-7.el7_2
Dec 05 14:08:44 Updated: freetype.x86_64 2.8-12.el7
Dec 05 14:08:44 Updated: kmod-libs.x86_64 20-23.el7
Dec 05 14:08:44 Updated: libselinux-utils.x86_64 2.5-14.1.el7
Dec 05 14:08:44 Updated: vim-minimal.x86_64 2:7.4.160-5.el7
Dec 05 14:08:44 Updated: iptables.x86_64 1.4.21-28.el7
Dec 05 14:08:53 Updated: linux-firmware.noarch 20180911-69.git85c5d90.el7
Dec 05 14:08:54 Installed: libsmartcols.x86_64 2.23.2-59.el7
Dec 05 14:08:54 Updated: checkpolicy.x86_64 2.5-8.el7
Dec 05 14:08:54 Updated: kernel-tools-libs.x86_64 3.10.0-957.1.3.el7
Dec 05 14:08:54 Updated: libfastjson.x86_64 0.99.4-3.el7
Dec 05 14:08:54 Updated: fuse-libs.x86_64 2.9.2-11.el7
Dec 05 14:08:54 Updated: fuse.x86_64 2.9.2-11.el7
Dec 05 14:08:54 Updated: nss-pem.x86_64 1.0.3-5.el7
Dec 05 14:08:54 Updated: libcurl.x86_64 7.29.0-51.el7
Dec 05 14:08:55 Updated: curl.x86_64 7.29.0-51.el7
Dec 05 14:08:55 Updated: rpm-libs.x86_64 4.11.3-35.el7
Dec 05 14:08:55 Updated: rpm.x86_64 4.11.3-35.el7
Dec 05 14:08:55 Updated: openldap.x86_64 2.4.44-20.el7
Dec 05 14:08:56 Updated: util-linux.x86_64 2.23.2-59.el7
Dec 05 14:08:56 Updated: device-mapper.x86_64 7:1.02.149-10.el7_6.2
Dec 05 14:08:56 Updated: kpartx.x86_64 0.4.9-123.el7
Dec 05 14:08:56 Updated: procps-ng.x86_64 3.3.10-23.el7
Dec 05 14:08:56 Updated: device-mapper-libs.x86_64 7:1.02.149-10.el7_6.2
Dec 05 14:08:56 Updated: cryptsetup-libs.x86_64 2.0.3-3.el7
Dec 05 14:08:57 Updated: dracut.x86_64 033-554.el7
Dec 05 14:08:57 Updated: kmod.x86_64 20-23.el7
Dec 05 14:08:57 Updated: elfutils-libs.x86_64 0.172-2.el7
Dec 05 14:08:57 Updated: systemd-libs.x86_64 219-62.el7
Dec 05 14:08:57 Updated: dbus-libs.x86_64 1:1.10.24-12.el7
Dec 05 14:09:00 Updated: systemd.x86_64 219-62.el7
Dec 05 14:09:00 Updated: dbus.x86_64 1:1.10.24-12.el7
Dec 05 14:09:00 Updated: elfutils-default-yama-scope.noarch 0.172-2.el7
Dec 05 14:09:00 Updated: systemd-sysv.x86_64 219-62.el7
Dec 05 14:09:00 Installed: grub2-tools-minimal.x86_64 1:2.02-0.76.el7.centos
Dec 05 14:09:00 Updated: device-mapper-event-libs.x86_64 7:1.02.149-10.el7_6.2
Dec 05 14:09:00 Updated: policycoreutils.x86_64 2.5-29.el7
Dec 05 14:09:01 Installed: grub2-tools.x86_64 1:2.02-0.76.el7.centos
Dec 05 14:09:01 Updated: wpa_supplicant.x86_64 1:2.6-12.el7
Dec 05 14:09:02 Updated: polkit.x86_64 0.112-18.el7
Dec 05 14:09:02 Updated: initscripts.x86_64 9.49.46-1.el7
Dec 05 14:09:02 Updated: cronie-anacron.x86_64 1.4.11-20.el7_6
Dec 05 14:09:02 Updated: cronie.x86_64 1.4.11-20.el7_6
Dec 05 14:09:03 Updated: NetworkManager-libnm.x86_64 1:1.12.0-8.el7_6
Dec 05 14:09:03 Updated: NetworkManager.x86_64 1:1.12.0-8.el7_6
Dec 05 14:09:03 Installed: grub2-tools-extra.x86_64 1:2.02-0.76.el7.centos
Dec 05 14:09:03 Updated: grub2-pc.x86_64 1:2.02-0.76.el7.centos
Dec 05 14:09:04 Updated: selinux-policy.noarch 3.13.1-229.el7_6.6
Dec 05 14:09:04 Updated: device-mapper-event.x86_64 7:1.02.149-10.el7_6.2
Dec 05 14:09:04 Updated: lvm2-libs.x86_64 7:2.02.180-10.el7_6.2
Dec 05 14:09:04 Updated: libcgroup.x86_64 0.41-20.el7
Dec 05 14:09:04 Updated: libdrm.x86_64 2.4.91-3.el7
Dec 05 14:09:04 Updated: dracut-network.x86_64 033-554.el7
Dec 05 14:09:04 Updated: rpm-build-libs.x86_64 4.11.3-35.el7
Dec 05 14:09:05 Updated: rpm-python.x86_64 4.11.3-35.el7
Dec 05 14:09:05 Updated: yum-plugin-fastestmirror.noarch 1.1.31-50.el7
Dec 05 14:09:06 Updated: yum.noarch 3.4.3-161.el7.centos
Dec 05 14:09:06 Updated: ipset-libs.x86_64 6.38-3.el7_6
Dec 05 14:09:06 Updated: ipset.x86_64 6.38-3.el7_6
Dec 05 14:09:06 Updated: firewalld-filesystem.noarch 0.5.3-5.el7
Dec 05 14:09:07 Updated: firewalld.noarch 0.5.3-5.el7
Dec 05 14:09:07 Updated: yum-cron.noarch 3.4.3-161.el7.centos
Dec 05 14:09:07 Updated: kexec-tools.x86_64 2.0.15-21.el7
Dec 05 14:09:07 Updated: open-vm-tools.x86_64 10.2.5-3.el7
Dec 05 14:09:08 Updated: policycoreutils-python.x86_64 2.5-29.el7
Dec 05 14:09:08 Updated: lvm2.x86_64 7:2.02.180-10.el7_6.2
Dec 05 14:09:20 Updated: selinux-policy-targeted.noarch 3.13.1-229.el7_6.6
Dec 05 14:09:20 Installed: grub2.x86_64 1:2.02-0.76.el7.centos
Dec 05 14:09:20 Updated: NetworkManager-ppp.x86_64 1:1.12.0-8.el7_6
Dec 05 14:09:20 Updated: NetworkManager-tui.x86_64 1:1.12.0-8.el7_6
Dec 05 14:09:20 Updated: NetworkManager-wifi.x86_64 1:1.12.0-8.el7_6
Dec 05 14:09:27 Installed: kernel.x86_64 3.10.0-957.1.3.el7
Dec 05 14:09:28 Updated: kbd.x86_64 1.15.5-15.el7
Dec 05 14:09:28 Updated: tuned.noarch 2.10.0-6.el7
Dec 05 14:09:28 Updated: audit.x86_64 2.8.4-4.el7
Dec 05 14:09:28 Updated: dnsmasq.x86_64 2.76-7.el7
Dec 05 14:09:30 Updated: postfix.x86_64 2:2.10.1-7.el7
Dec 05 14:09:30 Updated: rsyslog.x86_64 8.24.0-34.el7
Dec 05 14:09:31 Updated: hwdata.x86_64 0.252-9.1.el7
Dec 05 14:09:35 Updated: microcode_ctl.x86_64 2:2.1-47.el7
Dec 05 14:09:35 Updated: systemd-python.x86_64 219-62.el7
Dec 05 14:09:35 Updated: net-tools.x86_64 2.0-0.24.20131004git.el7
Dec 05 14:09:35 Updated: libgudev1.x86_64 219-62.el7
Dec 05 14:09:35 Updated: dracut-config-rescue.x86_64 033-554.el7
Dec 05 14:09:35 Updated: sudo.x86_64 1.8.23-3.el7
Dec 05 14:09:36 Updated: kernel-tools.x86_64 3.10.0-957.1.3.el7
Dec 05 14:09:36 Updated: libsoup.x86_64 2.62.2-2.el7
Dec 05 14:09:36 Updated: bind-libs-lite.x86_64 32:9.9.4-72.el7
Dec 05 14:09:36 Updated: e2fsprogs.x86_64 1.42.9-13.el7
Dec 05 14:09:36 Updated: vsftpd.x86_64 3.0.2-25.el7
Dec 05 14:09:37 Updated: gobject-introspection.x86_64 1.56.1-1.el7
Dec 05 14:09:37 Updated: libcroco.x86_64 0.6.12-4.el7
Dec 05 14:09:37 Updated: pyOpenSSL.x86_64 0.13.1-4.el7
Dec 05 14:09:37 Updated: xfsprogs.x86_64 4.5.0-18.el7
Dec 05 14:09:37 Updated: openssl.x86_64 1:1.0.2k-16.el7
Dec 05 14:09:38 Updated: alsa-lib.x86_64 1.1.6-2.el7
Dec 05 14:09:38 Updated: man-db.x86_64 2.6.3-11.el7
Dec 05 14:09:38 Updated: iprutils.x86_64 2.4.16.1-1.el7
Dec 05 14:09:38 Updated: libgomp.x86_64 4.8.5-36.el7
Dec 05 14:09:38 Updated: dmidecode.x86_64 1:3.1-2.el7
Dec 05 14:09:39 Updated: dialog.x86_64 1.2-5.20130523.el7
Dec 05 14:09:41 Updated: iwl2030-firmware.noarch 18.168.6.1-69.el7
Dec 05 14:09:41 Updated: iwl5000-firmware.noarch 8.83.5.1_1-69.el7
Dec 05 14:09:42 Updated: iwl6000g2b-firmware.noarch 17.168.5.2-69.el7
Dec 05 14:09:42 Updated: iwl4965-firmware.noarch 228.61.2.24-69.el7
Dec 05 14:09:42 Updated: iwl100-firmware.noarch 39.31.5.1-69.el7
Dec 05 14:09:42 Updated: iwl6000-firmware.noarch 9.221.4.1-69.el7
Dec 05 14:09:42 Updated: iwl7260-firmware.noarch 22.0.7.0-69.el7
Dec 05 14:09:42 Updated: iwl3160-firmware.noarch 22.0.7.0-69.el7
Dec 05 14:09:43 Updated: iwl105-firmware.noarch 18.168.6.1-69.el7
Dec 05 14:09:43 Updated: iwl5150-firmware.noarch 8.24.2.2-69.el7
Dec 05 14:09:43 Updated: iwl2000-firmware.noarch 18.168.6.1-69.el7
Dec 05 14:09:43 Updated: iwl3945-firmware.noarch 15.32.2.9-69.el7
Dec 05 14:09:43 Updated: iwl135-firmware.noarch 18.168.6.1-69.el7
Dec 05 14:09:43 Updated: iwl6000g2a-firmware.noarch 17.168.5.3-69.el7
Dec 05 14:09:43 Updated: iwl1000-firmware.noarch 1:39.31.5.1-69.el7
Dec 05 14:09:44 Updated: iwl6050-firmware.noarch 41.28.5.1-69.el7
immediatly after the update our vsftpd stop working, service is running and active but any login attempt fails. The only info in vsftpd.log is "LOGIN FAIL", no details why this happen.
SFTP keeps working fine, i checked firewall and disable it, didn't help. Selinux already disabled.

Only solution we found was to restore a backup from last night and disable cron to stop automatic update.
I'm not that expert, any help is apreciated, I have no idea what to check with so many updates applied

This is our vsftpd config, was working perfectly before the update

Code: Select all

# Personal FTP server config

### MAIN
listen=YES
listen_port=21
connect_from_port_20=YES

### ACCESS

anonymous_enable=NO
local_enable=YES
chroot_local_user=YES
userlist_deny=NO

connect_timeout=60
data_connection_timeout=300
idle_session_timeout=300
local_max_rate=0
max_clients=0
max_per_ip=3

### DIRECTORY
write_enable=YES
download_enable=YES
dirlist_enable=YES
dirmessage_enable=YES

### LOGS
vsftpd_log_file=/var/log/vsftpd.log
xferlog_enable=YES
xferlog_file=/var/log/xferlog

# This string is the name of the PAM service vsftpd will use.
pam_service_name=vsftpd
rsa_cert_file=edited

allow_writeable_chroot=YES
pasv_enable=YES
pasv_min_port=40001
pasv_max_port=40020
rsa_private_key_file=edited
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=NO
force_local_logins_ssl=NO
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
Thanks.
Last edited by ciccipuzzo on 2018/12/07 00:44:18, edited 1 time in total.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Update 7.6 killed vsftpd, Help!

Post by TrevorH » 2018/12/05 15:03:26

SFTP keeps working fine, i checked firewall and disable it, didn't help. Selinux already disabled.
The only thing that sftp and vsftpd share in common are the letters "ftp". Otherwise they have nothing in common. Sftp connections are handled by sshd and do not touch vsftpd at all.

You'll need to look at your logs to discover more details about the problem. Check in /var/log/vsftpd.log, /var/log/messages and /var/log/secure for more info.

And disabling selinux on a machine running a vulnerable service like ftp sounds like a bad idea. You should learn how to use it, not just turn it off.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

ciccipuzzo
Posts: 4
Joined: 2018/12/05 14:27:57

Re: Update 7.6 killed vsftpd, Help!

Post by ciccipuzzo » 2018/12/05 16:27:04

I know SFTP and FTP are different things, I said "SFTP works" just to exclude any user/password/network problem.
About selinux, yeah, you're right, I should learn how to use it but not in this moment :mrgreen: as a debug information, now selinux is disabled.

Now... I cloned the virtual machine and I'm using it as a test environment.
I manually updated it with a yum upgrade (yum --security upgrade says none of the 169 packeges are security-related) and FTP stop working.

This is VSFTPD.log when i try to connect after the update, not helpful at all

Code: Select all

Wed Dec  5 17:11:47 2018 [pid 11130] CONNECT: Client "1.2.3.4"
Wed Dec  5 17:11:49 2018 [pid 11129] [username] FAIL LOGIN: Client "1.2.3.4"
This is secure (ssh) log immediatly after update

Code: Select all

Dec  5 16:55:21 servername useradd[1685]: failed adding user 'dbus', exit code: 9
Dec  5 16:55:22 servername polkitd[628]: Reloading rules
Dec  5 16:55:22 servername polkitd[628]: Collecting garbage unconditionally...
Dec  5 16:55:22 servername polkitd[628]: Loading rules from directory /etc/polkit-1/rules.d
Dec  5 16:55:22 servername polkitd[628]: Loading rules from directory /usr/share/polkit-1/rules.d
Dec  5 16:55:22 servername polkitd[628]: Finished loading, compiling and executing 2 rules
Dec  5 16:55:22 servername polkitd[628]: Reloading rules
Dec  5 16:55:22 servername polkitd[628]: Collecting garbage unconditionally...
Dec  5 16:55:22 servername polkitd[628]: Loading rules from directory /etc/polkit-1/rules.d
Dec  5 16:55:22 servername polkitd[628]: Loading rules from directory /usr/share/polkit-1/rules.d
Dec  5 16:55:22 servername polkitd[628]: Finished loading, compiling and executing 2 rules
Dec  5 16:55:22 servername polkitd[1700]: Loading rules from directory /etc/polkit-1/rules.d
Dec  5 16:55:22 servername polkitd[1700]: Loading rules from directory /usr/share/polkit-1/rules.d
Dec  5 16:55:22 servername polkitd[1700]: Finished loading, compiling and executing 2 rules
Dec  5 16:55:22 servername polkitd[1700]: Acquired the name org.freedesktop.PolicyKit1 on the system bus
Dec  5 16:55:42 servername useradd[3633]: failed adding user 'postfix', exit code: 9
Dec  5 16:56:28 servername polkitd[21417]: Loading rules from directory /etc/polkit-1/rules.d
Dec  5 16:56:28 servername polkitd[21417]: Loading rules from directory /usr/share/polkit-1/rules.d
Dec  5 16:56:28 servername polkitd[21417]: Finished loading, compiling and executing 2 rules
Dec  5 16:56:28 servername polkitd[21417]: Acquired the name org.freedesktop.PolicyKit1 on the system bus
This is message log immediatly after update

Code: Select all

Dec  5 16:54:51 servername yum[1363]: Updated: libgcc-4.8.5-36.el7.x86_64
Dec  5 16:54:52 servername yum[1363]: Updated: 1:grub2-common-2.02-0.76.el7.centos.noarch
Dec  5 16:54:52 servername yum[1363]: Updated: 1:grub2-pc-modules-2.02-0.76.el7.centos.noarch
Dec  5 16:54:52 servername yum[1363]: Updated: 32:bind-license-9.9.4-72.el7.noarch
Dec  5 16:54:52 servername yum[1363]: Updated: kbd-legacy-1.15.5-15.el7.noarch
Dec  5 16:54:53 servername yum[1363]: Updated: kbd-misc-1.15.5-15.el7.noarch
Dec  5 16:54:53 servername yum[1363]: Updated: tzdata-2018g-1.el7.noarch
Dec  5 16:54:59 servername yum[1363]: Updated: glibc-common-2.17-260.el7.x86_64
Dec  5 16:54:59 servername systemd: Reexecuting.
Dec  5 16:54:59 servername systemd: systemd 219 running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN)
Dec  5 16:54:59 servername systemd: Detected virtualization vmware.
Dec  5 16:54:59 servername systemd: Detected architecture x86-64.
Dec  5 16:54:59 servername systemd: Stopping Command Scheduler...
Dec  5 16:54:59 servername systemd: Started Command Scheduler.
Dec  5 16:54:59 servername systemd: Starting Command Scheduler...
Dec  5 16:54:59 servername yum[1363]: Updated: glibc-2.17-260.el7.x86_64
Dec  5 16:55:00 servername yum[1363]: Updated: bash-4.2.46-31.el7.x86_64
Dec  5 16:55:00 servername systemd: Reexecuting.
Dec  5 16:55:00 servername systemd: systemd 219 running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN)
Dec  5 16:55:00 servername systemd: Detected virtualization vmware.
Dec  5 16:55:00 servername systemd: Detected architecture x86-64.
Dec  5 16:55:00 servername yum[1363]: Updated: libsepol-2.5-10.el7.x86_64
Dec  5 16:55:00 servername systemd: Stopping Command Scheduler...
Dec  5 16:55:00 servername systemd: Started Command Scheduler.
Dec  5 16:55:00 servername systemd: Starting Command Scheduler...
Dec  5 16:55:00 servername yum[1363]: Updated: libselinux-2.5-14.1.el7.x86_64
Dec  5 16:55:00 servername yum[1363]: Updated: zlib-1.2.7-18.el7.x86_64
Dec  5 16:55:00 servername yum[1363]: Updated: audit-libs-2.8.4-4.el7.x86_64
Dec  5 16:55:00 servername yum[1363]: Updated: libuuid-2.23.2-59.el7.x86_64
Dec  5 16:55:00 servername yum[1363]: Updated: libcom_err-1.42.9-13.el7.x86_64
Dec  5 16:55:00 servername yum[1363]: Updated: elfutils-libelf-0.172-2.el7.x86_64
Dec  5 16:55:01 servername yum[1363]: Updated: coreutils-8.22-23.el7.x86_64
Dec  5 16:55:01 servername yum[1363]: Updated: krb5-libs-1.15.1-34.el7.x86_64
Dec  5 16:55:01 servername yum[1363]: Updated: 1:openssl-libs-1.0.2k-16.el7.x86_64
Dec  5 16:55:01 servername yum[1363]: Updated: libblkid-2.23.2-59.el7.x86_64
Dec  5 16:55:03 servername yum[1363]: Updated: python-libs-2.7.5-76.el7.x86_64
Dec  5 16:55:03 servername yum[1363]: Updated: python-2.7.5-76.el7.x86_64
Dec  5 16:55:03 servername yum[1363]: Updated: centos-release-7-6.1810.2.el7.centos.x86_64
Dec  5 16:55:03 servername yum[1363]: Updated: libsemanage-2.5-14.el7.x86_64
Dec  5 16:55:03 servername yum[1363]: Updated: 1:findutils-4.5.11-6.el7.x86_64
Dec  5 16:55:03 servername yum[1363]: Updated: libmount-2.23.2-59.el7.x86_64
Dec  5 16:55:04 servername yum[1363]: Updated: glib2-2.56.1-2.el7.x86_64
Dec  5 16:55:04 servername yum[1363]: Updated: file-libs-5.11-35.el7.x86_64
Dec  5 16:55:04 servername yum[1363]: Updated: file-5.11-35.el7.x86_64
Dec  5 16:55:04 servername yum[1363]: Updated: libstdc++-4.8.5-36.el7.x86_64
Dec  5 16:55:04 servername yum[1363]: Updated: logrotate-3.8.6-17.el7.x86_64
Dec  5 16:55:04 servername yum[1363]: Updated: 2:tar-1.26-35.el7.x86_64
Dec  5 16:55:04 servername yum[1363]: Updated: 2:ethtool-4.8-9.el7.x86_64
Dec  5 16:55:05 servername yum[1363]: Updated: libicu-50.1.2-17.el7.x86_64
Dec  5 16:55:06 servername yum[1363]: Updated: setools-libs-3.3.8-4.el7.x86_64
Dec  5 16:55:06 servername yum[1363]: Updated: gsettings-desktop-schemas-3.28.0-2.el7.x86_64
Dec  5 16:55:06 servername yum[1363]: Updated: libsemanage-python-2.5-14.el7.x86_64
Dec  5 16:55:06 servername yum[1363]: Updated: grubby-8.28-25.el7.x86_64
Dec  5 16:55:06 servername yum[1363]: Updated: setup-2.8.71-10.el7.noarch
Dec  5 16:55:06 servername yum[1363]: Updated: 2:shadow-utils-4.1.5.1-25.el7.x86_64
Dec  5 16:55:06 servername yum[1363]: Updated: audit-libs-python-2.8.4-4.el7.x86_64
Dec  5 16:55:07 servername yum[1363]: Updated: libselinux-python-2.5-14.1.el7.x86_64
Dec  5 16:55:07 servername yum[1363]: Updated: python-linux-procfs-0.4.9-4.el7.noarch
Dec  5 16:55:07 servername yum[1363]: Updated: python-urlgrabber-3.10-9.el7.noarch
Dec  5 16:55:07 servername yum[1363]: Updated: python-perf-3.10.0-957.1.3.el7.x86_64
Dec  5 16:55:07 servername yum[1363]: Updated: python-firewall-0.5.3-5.el7.noarch
Dec  5 16:55:07 servername yum[1363]: Updated: libssh2-1.4.3-12.el7.x86_64
Dec  5 16:55:08 servername yum[1363]: Updated: binutils-2.27-34.base.el7.x86_64
Dec  5 16:55:08 servername yum[1363]: Updated: libss-1.42.9-13.el7.x86_64
Dec  5 16:55:08 servername yum[1363]: Updated: e2fsprogs-libs-1.42.9-13.el7.x86_64
Dec  5 16:55:08 servername yum[1363]: Updated: GeoIP-1.5.0-13.el7.x86_64
Dec  5 16:55:09 servername yum[1363]: Updated: gnutls-3.3.29-8.el7.x86_64
Dec  5 16:55:09 servername yum[1363]: Updated: glib-networking-2.56.1-1.el7.x86_64
Dec  5 16:55:09 servername yum[1363]: Installed: 2:libpng-1.5.13-7.el7_2.x86_64
Dec  5 16:55:09 servername yum[1363]: Updated: freetype-2.8-12.el7.x86_64
Dec  5 16:55:09 servername yum[1363]: Updated: kmod-libs-20-23.el7.x86_64
Dec  5 16:55:09 servername yum[1363]: Updated: libselinux-utils-2.5-14.1.el7.x86_64
Dec  5 16:55:09 servername yum[1363]: Updated: 2:vim-minimal-7.4.160-5.el7.x86_64
Dec  5 16:55:09 servername yum[1363]: Updated: iptables-1.4.21-28.el7.x86_64
Dec  5 16:55:09 servername NetworkManager[655]: <info>  [1544025309.6528] manager: kernel firmware directory '/lib/firmware' changed
Dec  5 16:55:13 servername NetworkManager[655]: <info>  [1544025313.9606] manager: kernel firmware directory '/lib/firmware' changed
Dec  5 16:55:17 servername yum[1363]: Updated: linux-firmware-20180911-69.git85c5d90.el7.noarch
Dec  5 16:55:17 servername yum[1363]: Installed: libsmartcols-2.23.2-59.el7.x86_64
Dec  5 16:55:17 servername yum[1363]: Updated: checkpolicy-2.5-8.el7.x86_64
Dec  5 16:55:17 servername yum[1363]: Updated: kernel-tools-libs-3.10.0-957.1.3.el7.x86_64
Dec  5 16:55:17 servername yum[1363]: Updated: libfastjson-0.99.4-3.el7.x86_64
Dec  5 16:55:17 servername yum[1363]: Updated: fuse-libs-2.9.2-11.el7.x86_64
Dec  5 16:55:17 servername yum[1363]: Updated: fuse-2.9.2-11.el7.x86_64
Dec  5 16:55:17 servername yum[1363]: Updated: nss-pem-1.0.3-5.el7.x86_64
Dec  5 16:55:17 servername yum[1363]: Updated: libcurl-7.29.0-51.el7.x86_64
Dec  5 16:55:17 servername yum[1363]: Updated: curl-7.29.0-51.el7.x86_64
Dec  5 16:55:17 servername yum[1363]: Updated: rpm-libs-4.11.3-35.el7.x86_64
Dec  5 16:55:18 servername yum[1363]: Updated: rpm-4.11.3-35.el7.x86_64
Dec  5 16:55:18 servername yum[1363]: Updated: openldap-2.4.44-20.el7.x86_64
Dec  5 16:55:18 servername yum[1363]: Updated: util-linux-2.23.2-59.el7.x86_64
Dec  5 16:55:18 servername yum[1363]: Updated: 7:device-mapper-1.02.149-10.el7_6.2.x86_64
Dec  5 16:55:18 servername yum[1363]: Updated: kpartx-0.4.9-123.el7.x86_64
Dec  5 16:55:19 servername yum[1363]: Updated: procps-ng-3.3.10-23.el7.x86_64
Dec  5 16:55:19 servername yum[1363]: Updated: 7:device-mapper-libs-1.02.149-10.el7_6.2.x86_64
Dec  5 16:55:19 servername yum[1363]: Updated: cryptsetup-libs-2.0.3-3.el7.x86_64
Dec  5 16:55:19 servername yum[1363]: Updated: dracut-033-554.el7.x86_64
Dec  5 16:55:19 servername yum[1363]: Updated: kmod-20-23.el7.x86_64
Dec  5 16:55:19 servername yum[1363]: Updated: elfutils-libs-0.172-2.el7.x86_64
Dec  5 16:55:19 servername yum[1363]: Updated: systemd-libs-219-62.el7.x86_64
Dec  5 16:55:19 servername yum[1363]: Updated: 1:dbus-libs-1.10.24-12.el7.x86_64
Dec  5 16:55:19 servername systemd: Closed udev Control Socket.
Dec  5 16:55:19 servername systemd: Stopping udev Control Socket.
Dec  5 16:55:19 servername systemd: Closed udev Kernel Socket.
Dec  5 16:55:19 servername systemd: Stopping udev Kernel Socket.
Dec  5 16:55:19 servername systemd: Stopping udev Kernel Device Manager...
Dec  5 16:55:19 servername systemd: Stopped udev Kernel Device Manager.
Dec  5 16:55:19 servername dbus[631]: [system] Reloaded configuration
Dec  5 16:55:20 servername dbus[631]: [system] Reloaded configuration
Dec  5 16:55:20 servername systemd: Reexecuting.
Dec  5 16:55:20 servername systemd: systemd 219 running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN)
Dec  5 16:55:20 servername systemd: Detected virtualization vmware.
Dec  5 16:55:20 servername systemd: Detected architecture x86-64.
Dec  5 16:55:20 servername systemd: Unset automount Arbitrary Executable File Formats File System Automount Point.
Dec  5 16:55:20 servername systemd: Stopping Arbitrary Executable File Formats File System Automount Point.
Dec  5 16:55:20 servername systemd: Set up automount Arbitrary Executable File Formats File System Automount Point.
Dec  5 16:55:20 servername systemd: Listening on udev Kernel Socket.
Dec  5 16:55:20 servername systemd: Listening on udev Control Socket.
Dec  5 16:55:20 servername systemd: Starting udev Kernel Device Manager...
Dec  5 16:55:20 servername systemd-udevd: starting version 219
Dec  5 16:55:20 servername systemd: Started udev Kernel Device Manager.
Dec  5 16:55:21 servername yum[1363]: Updated: systemd-219-62.el7.x86_64
Dec  5 16:55:21 servername yum[1363]: Updated: 1:dbus-1.10.24-12.el7.x86_64
Dec  5 16:55:21 servername yum[1363]: Updated: elfutils-default-yama-scope-0.172-2.el7.noarch
Dec  5 16:55:21 servername yum[1363]: Updated: systemd-sysv-219-62.el7.x86_64
Dec  5 16:55:21 servername yum[1363]: Installed: 1:grub2-tools-minimal-2.02-0.76.el7.centos.x86_64
Dec  5 16:55:21 servername yum[1363]: Updated: 7:device-mapper-event-libs-1.02.149-10.el7_6.2.x86_64
Dec  5 16:55:21 servername yum[1363]: Updated: policycoreutils-2.5-29.el7.x86_64
Dec  5 16:55:22 servername yum[1363]: Installed: 1:grub2-tools-2.02-0.76.el7.centos.x86_64
Dec  5 16:55:22 servername dbus[631]: [system] Reloaded configuration
Dec  5 16:55:22 servername dbus[631]: [system] Reloaded configuration
Dec  5 16:55:22 servername yum[1363]: Updated: 1:wpa_supplicant-2.6-12.el7.x86_64
Dec  5 16:55:22 servername dbus[631]: [system] Reloaded configuration
Dec  5 16:55:22 servername dbus[631]: [system] Reloaded configuration
Dec  5 16:55:22 servername systemd: Stopping Dynamic System Tuning Daemon...
Dec  5 16:55:22 servername systemd: Stopping Authorization Manager...
Dec  5 16:55:22 servername systemd: Stopped Authorization Manager.
Dec  5 16:55:22 servername systemd: Starting Authorization Manager...
Dec  5 16:55:22 servername polkitd[1700]: Started polkitd version 0.112
Dec  5 16:55:22 servername systemd: Started Authorization Manager.
Dec  5 16:55:22 servername yum[1363]: Updated: polkit-0.112-18.el7.x86_64
Dec  5 16:55:22 servername systemd: Reloading.
Dec  5 16:55:22 servername systemd: Stopped Dynamic System Tuning Daemon.
Dec  5 16:55:22 servername systemd: Starting Dynamic System Tuning Daemon...
Dec  5 16:55:22 servername systemd: Reloading.
Dec  5 16:55:23 servername yum[1363]: Updated: initscripts-9.49.46-1.el7.x86_64
Dec  5 16:55:23 servername yum[1363]: Updated: cronie-anacron-1.4.11-20.el7_6.x86_64
Dec  5 16:55:23 servername systemd: Stopping Command Scheduler...
Dec  5 16:55:23 servername systemd: Stopped Command Scheduler.
Dec  5 16:55:23 servername systemd: Started Command Scheduler.
Dec  5 16:55:23 servername yum[1363]: Updated: cronie-1.4.11-20.el7_6.x86_64
Dec  5 16:55:23 servername systemd: Started Dynamic System Tuning Daemon.
Dec  5 16:55:23 servername yum[1363]: Updated: 1:NetworkManager-libnm-1.12.0-8.el7_6.x86_64
Dec  5 16:55:23 servername dbus[631]: [system] Reloaded configuration
Dec  5 16:55:23 servername dbus[631]: [system] Reloaded configuration
Dec  5 16:55:23 servername yum[1363]: Updated: 1:NetworkManager-1.12.0-8.el7_6.x86_64
Dec  5 16:55:24 servername yum[1363]: Installed: 1:grub2-tools-extra-2.02-0.76.el7.centos.x86_64
Dec  5 16:55:24 servername yum[1363]: Updated: 1:grub2-pc-2.02-0.76.el7.centos.x86_64
Dec  5 16:55:24 servername yum[1363]: Updated: selinux-policy-3.13.1-229.el7_6.6.noarch
Dec  5 16:55:24 servername systemd: Reloading.
Dec  5 16:55:24 servername yum[1363]: Updated: 7:device-mapper-event-1.02.149-10.el7_6.2.x86_64
Dec  5 16:55:24 servername yum[1363]: Updated: 7:lvm2-libs-2.02.180-10.el7_6.2.x86_64
Dec  5 16:55:24 servername yum[1363]: Updated: libcgroup-0.41-20.el7.x86_64
Dec  5 16:55:24 servername yum[1363]: Updated: libdrm-2.4.91-3.el7.x86_64
Dec  5 16:55:24 servername yum[1363]: Updated: dracut-network-033-554.el7.x86_64
Dec  5 16:55:24 servername yum[1363]: Updated: rpm-build-libs-4.11.3-35.el7.x86_64
Dec  5 16:55:24 servername yum[1363]: Updated: rpm-python-4.11.3-35.el7.x86_64
Dec  5 16:55:24 servername yum[1363]: Updated: yum-plugin-fastestmirror-1.1.31-50.el7.noarch
Dec  5 16:55:25 servername yum[1363]: Updated: yum-3.4.3-161.el7.centos.noarch
Dec  5 16:55:25 servername yum[1363]: Updated: ipset-libs-6.38-3.el7_6.x86_64
Dec  5 16:55:25 servername yum[1363]: Updated: ipset-6.38-3.el7_6.x86_64
Dec  5 16:55:25 servername yum[1363]: Updated: firewalld-filesystem-0.5.3-5.el7.noarch
Dec  5 16:55:25 servername dbus[631]: [system] Reloaded configuration
Dec  5 16:55:25 servername yum[1363]: Updated: firewalld-0.5.3-5.el7.noarch
Dec  5 16:55:25 servername yum[1363]: Updated: yum-cron-3.4.3-161.el7.centos.noarch
Dec  5 16:55:25 servername yum[1363]: Updated: kexec-tools-2.0.15-21.el7.x86_64
Dec  5 16:55:25 servername yum[1363]: Updated: open-vm-tools-10.2.5-3.el7.x86_64
Dec  5 16:55:25 servername dbus[631]: [system] Reloaded configuration
Dec  5 16:55:25 servername yum[1363]: Updated: policycoreutils-python-2.5-29.el7.x86_64
Dec  5 16:55:26 servername systemd: Reloading.
Dec  5 16:55:26 servername systemd: Reloading.
Dec  5 16:55:26 servername yum[1363]: Updated: 7:lvm2-2.02.180-10.el7_6.2.x86_64
Dec  5 16:55:36 servername yum[1363]: Updated: selinux-policy-targeted-3.13.1-229.el7_6.6.noarch
Dec  5 16:55:37 servername yum[1363]: Installed: 1:grub2-2.02-0.76.el7.centos.x86_64
Dec  5 16:55:37 servername yum[1363]: Updated: 1:NetworkManager-ppp-1.12.0-8.el7_6.x86_64
Dec  5 16:55:37 servername yum[1363]: Updated: 1:NetworkManager-tui-1.12.0-8.el7_6.x86_64
Dec  5 16:55:37 servername yum[1363]: Updated: 1:NetworkManager-wifi-1.12.0-8.el7_6.x86_64
Dec  5 16:55:40 servername NetworkManager[655]: <info>  [1544025340.9422] manager: kernel firmware directory '/lib/firmware' changed
Dec  5 16:55:42 servername yum[1363]: Installed: kernel-3.10.0-957.1.3.el7.x86_64
Dec  5 16:55:42 servername yum[1363]: Updated: kbd-1.15.5-15.el7.x86_64
Dec  5 16:55:42 servername dbus[631]: [system] Reloaded configuration
Dec  5 16:55:42 servername yum[1363]: Updated: tuned-2.10.0-6.el7.noarch
Dec  5 16:55:42 servername yum[1363]: Updated: audit-2.8.4-4.el7.x86_64
Dec  5 16:55:42 servername dbus[631]: [system] Reloaded configuration
Dec  5 16:55:42 servername yum[1363]: Updated: dnsmasq-2.76-7.el7.x86_64
Dec  5 16:55:44 servername systemd: Reloading.
Dec  5 16:55:44 servername yum[1363]: Updated: 2:postfix-2.10.1-7.el7.x86_64
Dec  5 16:55:44 servername yum[1363]: Updated: rsyslog-8.24.0-34.el7.x86_64
Dec  5 16:55:44 servername yum[1363]: Updated: hwdata-0.252-9.1.el7.x86_64
Dec  5 16:55:45 servername NetworkManager[655]: <info>  [1544025345.3445] manager: kernel firmware directory '/lib/firmware' changed
Dec  5 16:55:46 servername DISCLAIMER: This updated microcode supersedes microcode provided by Red Hat with
Dec  5 16:55:46 servername DISCLAIMER: the CVE-2017-5715 (“Spectre”) CPU branch injection vulnerability
Dec  5 16:55:46 servername DISCLAIMER: mitigation.
Dec  5 16:55:46 servername DISCLAIMER: Historically, Red Hat has provided updated microcode, developed by our
Dec  5 16:55:46 servername DISCLAIMER: microprocessor partners, as a customer convenience. Red Hat had
Dec  5 16:55:46 servername DISCLAIMER: temporarily suspended this practice while microcode stabilized. Red
Dec  5 16:55:46 servername DISCLAIMER: Hat is once again providing an updated Intel microcode package
Dec  5 16:55:46 servername DISCLAIMER: (microcode_ctl) and AMD microcode package (linux-firmware) to customers
Dec  5 16:55:46 servername DISCLAIMER: in order to simplify deployment processes and minimize downtime.  We’ll
Dec  5 16:55:46 servername DISCLAIMER: continue to update these microcode packages as necessary. Please
Dec  5 16:55:46 servername DISCLAIMER: contact your hardware vendor to determine whether more recent
Dec  5 16:55:46 servername DISCLAIMER: BIOS/firmware updates are recommended because additional improvements
Dec  5 16:55:46 servername DISCLAIMER: may be available.
Dec  5 16:55:46 servername DISCLAIMER: This kbase https://access.redhat.com/articles/3436091 includes a table
Dec  5 16:55:46 servername DISCLAIMER: that maps Intel and AMD CPU processor code family names to updated
Dec  5 16:55:46 servername DISCLAIMER: Intel and AMD microcode package versions.
Dec  5 16:55:46 servername journal: This updated microcode supersedes microcode provided by Red Hat with#012the CVE-2017-5715 (“Spectre”) CPU branch injection vulnerability#012mitigation. #012Historically, Red Hat has provided updated microcode, developed by our#012microprocessor partners, as a customer convenience. Red Hat had#012temporarily suspended this practice while microcode stabilized. Red#012Hat is once again providing an updated Intel microcode package#012(microcode_ctl) and AMD microcode package (linux-firmware) to customers#012in order to simplify deployment processes and minimize downtime.  We’ll#012continue to update these microcode packages as necessary. Please#012contact your hardware vendor to determine whether more recent#012BIOS/firmware updates are recommended because additional improvements#012may be available. #012This kbase https://access.redhat.com/articles/3436091 includes a table#012that maps Intel and AMD CPU processor code family names to updated#012Intel and AMD microcode package versions.  
Dec  5 16:55:48 servername yum[1363]: Updated: 2:microcode_ctl-2.1-47.el7.x86_64
Dec  5 16:55:48 servername yum[1363]: Updated: systemd-python-219-62.el7.x86_64
Dec  5 16:55:49 servername yum[1363]: Updated: net-tools-2.0-0.24.20131004git.el7.x86_64
Dec  5 16:55:49 servername yum[1363]: Updated: libgudev1-219-62.el7.x86_64
Dec  5 16:55:49 servername yum[1363]: Updated: dracut-config-rescue-033-554.el7.x86_64
Dec  5 16:55:49 servername yum[1363]: Updated: sudo-1.8.23-3.el7.x86_64
Dec  5 16:55:49 servername yum[1363]: Updated: kernel-tools-3.10.0-957.1.3.el7.x86_64
Dec  5 16:55:49 servername yum[1363]: Updated: libsoup-2.62.2-2.el7.x86_64
Dec  5 16:55:49 servername yum[1363]: Updated: 32:bind-libs-lite-9.9.4-72.el7.x86_64
Dec  5 16:55:49 servername yum[1363]: Updated: e2fsprogs-1.42.9-13.el7.x86_64
Dec  5 16:55:50 servername yum[1363]: Updated: vsftpd-3.0.2-25.el7.x86_64
Dec  5 16:55:50 servername yum[1363]: Updated: gobject-introspection-1.56.1-1.el7.x86_64
Dec  5 16:55:50 servername yum[1363]: Updated: libcroco-0.6.12-4.el7.x86_64
Dec  5 16:55:50 servername yum[1363]: Updated: pyOpenSSL-0.13.1-4.el7.x86_64
Dec  5 16:55:50 servername yum[1363]: Updated: xfsprogs-4.5.0-18.el7.x86_64
Dec  5 16:55:50 servername yum[1363]: Updated: 1:openssl-1.0.2k-16.el7.x86_64
Dec  5 16:55:50 servername yum[1363]: Updated: alsa-lib-1.1.6-2.el7.x86_64
Dec  5 16:55:50 servername yum[1363]: Updated: man-db-2.6.3-11.el7.x86_64
Dec  5 16:55:51 servername yum[1363]: Updated: iprutils-2.4.16.1-1.el7.x86_64
Dec  5 16:55:51 servername yum[1363]: Updated: libgomp-4.8.5-36.el7.x86_64
Dec  5 16:55:51 servername yum[1363]: Updated: 1:dmidecode-3.1-2.el7.x86_64
Dec  5 16:55:51 servername yum[1363]: Updated: dialog-1.2-5.20130523.el7.x86_64
Dec  5 16:55:51 servername NetworkManager[655]: <info>  [1544025351.3467] manager: kernel firmware directory '/lib/firmware' changed
Dec  5 16:55:51 servername yum[1363]: Updated: iwl2030-firmware-18.168.6.1-69.el7.noarch
Dec  5 16:55:51 servername yum[1363]: Updated: iwl5000-firmware-8.83.5.1_1-69.el7.noarch
Dec  5 16:55:51 servername yum[1363]: Updated: iwl6000g2b-firmware-17.168.5.2-69.el7.noarch
Dec  5 16:55:51 servername yum[1363]: Updated: iwl4965-firmware-228.61.2.24-69.el7.noarch
Dec  5 16:55:51 servername yum[1363]: Updated: iwl100-firmware-39.31.5.1-69.el7.noarch
Dec  5 16:55:51 servername yum[1363]: Updated: iwl6000-firmware-9.221.4.1-69.el7.noarch
Dec  5 16:55:52 servername yum[1363]: Updated: iwl7260-firmware-22.0.7.0-69.el7.noarch
Dec  5 16:55:52 servername yum[1363]: Updated: iwl3160-firmware-22.0.7.0-69.el7.noarch
Dec  5 16:55:52 servername yum[1363]: Updated: iwl105-firmware-18.168.6.1-69.el7.noarch
Dec  5 16:55:52 servername yum[1363]: Updated: iwl5150-firmware-8.24.2.2-69.el7.noarch
Dec  5 16:55:52 servername yum[1363]: Updated: iwl2000-firmware-18.168.6.1-69.el7.noarch
Dec  5 16:55:52 servername yum[1363]: Updated: iwl3945-firmware-15.32.2.9-69.el7.noarch
Dec  5 16:55:52 servername yum[1363]: Updated: iwl135-firmware-18.168.6.1-69.el7.noarch
Dec  5 16:55:52 servername yum[1363]: Updated: iwl6000g2a-firmware-17.168.5.3-69.el7.noarch
Dec  5 16:55:52 servername yum[1363]: Updated: 1:iwl1000-firmware-39.31.5.1-69.el7.noarch
Dec  5 16:55:52 servername yum[1363]: Updated: iwl6050-firmware-41.28.5.1-69.el7.noarch
Dec  5 16:55:52 servername systemd: Reloading.
Dec  5 16:55:52 servername systemd: Stopping Service for virtual machines hosted on VMware...
Dec  5 16:55:52 servername systemd: Stopped Service for virtual machines hosted on VMware.
Dec  5 16:55:52 servername systemd: Stopping VGAuth Service for open-vm-tools...
Dec  5 16:55:52 servername systemd: Stopped VGAuth Service for open-vm-tools.
Dec  5 16:55:52 servername systemd: Started VGAuth Service for open-vm-tools.
Dec  5 16:55:52 servername systemd: Started Service for virtual machines hosted on VMware.
Dec  5 16:55:52 servername journal: Pref_Init: Using '/etc/vmware-tools/vgauth.conf' as preferences filepath
Dec  5 16:55:52 servername journal: Core dump limit set to -1
Dec  5 16:55:52 servername systemd: Reloading.
Dec  5 16:55:52 servername systemd: Stopping Service for virtual machines hosted on VMware...
Dec  5 16:55:52 servername systemd: Stopped Service for virtual machines hosted on VMware.
Dec  5 16:55:52 servername systemd: Stopping VGAuth Service for open-vm-tools...
Dec  5 16:55:52 servername systemd: Stopped VGAuth Service for open-vm-tools.
Dec  5 16:55:52 servername systemd: Started VGAuth Service for open-vm-tools.
Dec  5 16:55:52 servername systemd: Started Service for virtual machines hosted on VMware.
Dec  5 16:55:52 servername journal: Pref_Init: Using '/etc/vmware-tools/vgauth.conf' as preferences filepath
Dec  5 16:55:52 servername journal: Core dump limit set to -1
Dec  5 16:55:52 servername systemd: Reloading.
Dec  5 16:55:53 servername systemd: Stopping Dynamic System Tuning Daemon...
Dec  5 16:55:53 servername systemd: Stopped Dynamic System Tuning Daemon.
Dec  5 16:55:53 servername systemd: Starting Dynamic System Tuning Daemon...
Dec  5 16:55:53 servername systemd: Started Dynamic System Tuning Daemon.
Dec  5 16:55:56 servername NetworkManager[655]: <info>  [1544025356.1638] manager: kernel firmware directory '/lib/firmware' changed
Dec  5 16:55:56 servername systemd: Reloading.
Dec  5 16:55:56 servername systemd: Stopping Crash recovery kernel arming...
Dec  5 16:55:56 servername kdumpctl: kexec: unloaded kdump kernel
Dec  5 16:55:56 servername kdumpctl: Stopping kdump: [OK]
Dec  5 16:55:56 servername systemd: Stopped Crash recovery kernel arming.
Dec  5 16:55:56 servername systemd: Starting Crash recovery kernel arming...
Dec  5 16:55:56 servername kdumpctl: Detected change(s) in the following file(s):
Dec  5 16:55:56 servername kdumpctl: /etc/kdump.conf
Dec  5 16:55:56 servername kdumpctl: /usr/sbin/makedumpfile
Dec  5 16:55:56 servername kdumpctl: Rebuilding /boot/initramfs-3.10.0-862.14.4.el7.x86_64kdump.img
Dec  5 16:55:57 servername dracut: dracut-033-554.el7
Dec  5 16:55:57 servername dracut: Executing: /usr/sbin/dracut --hostonly --hostonly-cmdline --hostonly-i18n --hostonly-mode strict -o "plymouth dash resume ifcfg" --mount "/dev/mapper/centos_sftp-root /sysroot xfs defaults" --no-hostonly-default-device -f /boot/initramfs-3.10.0-862.14.4.el7.x86_64kdump.img 3.10.0-862.14.4.el7.x86_64
Dec  5 16:55:58 servername dracut: dracut module 'modsign' will not be installed, because command 'keyctl' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'busybox' will not be installed, because command 'busybox' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'ifcfg' will not be installed, because it's in the list to be omitted!
Dec  5 16:55:58 servername dracut: dracut module 'plymouth' will not be installed, because it's in the list to be omitted!
Dec  5 16:55:58 servername dracut: dracut module 'crypt' will not be installed, because command 'cryptsetup' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'mdraid' will not be installed, because command 'mdadm' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'multipath' will not be installed, because command 'multipath' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'cifs' will not be installed, because command 'mount.cifs' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'iscsi' will not be installed, because command 'iscsistart' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found!
Dec  5 16:55:58 servername dracut: 95nfs: Could not find any command of 'rpcbind portmap'!
Dec  5 16:55:58 servername dracut: dracut module 'resume' will not be installed, because it's in the list to be omitted!
Dec  5 16:55:58 servername dracut: dracut module 'modsign' will not be installed, because command 'keyctl' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'busybox' will not be installed, because command 'busybox' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'crypt' will not be installed, because command 'cryptsetup' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'mdraid' will not be installed, because command 'mdadm' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'multipath' will not be installed, because command 'multipath' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'cifs' will not be installed, because command 'mount.cifs' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'iscsi' will not be installed, because command 'iscsistart' could not be found!
Dec  5 16:55:58 servername dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found!
Dec  5 16:55:58 servername dracut: 95nfs: Could not find any command of 'rpcbind portmap'!
Dec  5 16:55:58 servername dracut: *** Including module: bash ***
Dec  5 16:55:58 servername dracut: *** Including module: nss-softokn ***
Dec  5 16:55:58 servername dracut: *** Including module: i18n ***
Dec  5 16:55:58 servername dracut: *** Including module: drm ***
Dec  5 16:56:00 servername dracut: *** Including module: dm ***
Dec  5 16:56:00 servername dracut: Skipping udev rule: 64-device-mapper.rules
Dec  5 16:56:00 servername dracut: Skipping udev rule: 60-persistent-storage-dm.rules
Dec  5 16:56:00 servername dracut: Skipping udev rule: 55-dm.rules
Dec  5 16:56:00 servername dracut: *** Including module: kernel-modules ***
Dec  5 16:56:08 servername dracut: *** Including module: lvm ***
Dec  5 16:56:08 servername dracut: Skipping udev rule: 64-device-mapper.rules
Dec  5 16:56:08 servername dracut: Skipping udev rule: 56-lvm.rules
Dec  5 16:56:08 servername dracut: Skipping udev rule: 60-persistent-storage-lvm.rules
Dec  5 16:56:08 servername dracut: *** Including module: fstab-sys ***
Dec  5 16:56:08 servername dracut: *** Including module: rootfs-block ***
Dec  5 16:56:08 servername dracut: *** Including module: terminfo ***
Dec  5 16:56:08 servername dracut: *** Including module: udev-rules ***
Dec  5 16:56:08 servername dracut: Skipping udev rule: 40-redhat-cpu-hotplug.rules
Dec  5 16:56:08 servername dracut: Skipping udev rule: 91-permissions.rules
Dec  5 16:56:08 servername dracut: *** Including module: biosdevname ***
Dec  5 16:56:08 servername dracut: *** Including module: systemd ***
Dec  5 16:56:09 servername dracut: *** Including module: usrmount ***
Dec  5 16:56:09 servername dracut: *** Including module: base ***
Dec  5 16:56:09 servername dracut: *** Including module: fs-lib ***
Dec  5 16:56:09 servername dracut: *** Including module: kdumpbase ***
Dec  5 16:56:09 servername dracut: *** Including module: microcode_ctl-fw_dir_override ***
Dec  5 16:56:09 servername dracut:  microcode_ctl module: mangling fw_dir
Dec  5 16:56:09 servername dracut:    microcode_ctl: reset fw_dir to "/lib/firmware/updates /lib/firmware"
Dec  5 16:56:09 servername dracut:    microcode_ctl: processing data directory  "/usr/share/microcode_ctl/ucode_with_caveats/intel-06-4f-01"...
Dec  5 16:56:09 servername dracut:    microcode_ctl: kernel version "3.10.0-862.14.4.el7.x86_64" failed early load check for "intel-06-4f-01", skipping
Dec  5 16:56:09 servername dracut:    microcode_ctl: processing data directory  "/usr/share/microcode_ctl/ucode_with_caveats/intel"...
Dec  5 16:56:09 servername dracut:    microcode_ctl: intel: Host-Only mode is enabled and "intel-ucode/06-3f-02" matches "intel-ucode/*"
Dec  5 16:56:09 servername dracut:      microcode_ctl: intel: caveats check for kernel version "3.10.0-862.14.4.el7.x86_64" passed, adding "/usr/share/microcode_ctl/ucode_with_caveats/intel" to fw_dir variable
Dec  5 16:56:09 servername dracut:    microcode_ctl: final fw_dir: "/usr/share/microcode_ctl/ucode_with_caveats/intel /lib/firmware/updates /lib/firmware"
Dec  5 16:56:09 servername dracut: *** Including module: shutdown ***
Dec  5 16:56:09 servername dracut: *** Including modules done ***
Dec  5 16:56:10 servername dracut: *** Installing kernel module dependencies and firmware ***
Dec  5 16:56:10 servername dracut: *** Installing kernel module dependencies and firmware done ***
Dec  5 16:56:10 servername dracut: *** Resolving executable dependencies ***
Dec  5 16:56:11 servername dracut: *** Resolving executable dependencies done***
Dec  5 16:56:11 servername dracut: *** Hardlinking files ***
Dec  5 16:56:11 servername dracut: *** Hardlinking files done ***
Dec  5 16:56:11 servername dracut: *** Stripping files ***
Dec  5 16:56:11 servername dracut: *** Stripping files done ***
Dec  5 16:56:11 servername dracut: *** Generating early-microcode cpio image contents ***
Dec  5 16:56:11 servername dracut: *** Constructing GenuineIntel.bin ****
Dec  5 16:56:11 servername dracut: *** Constructing GenuineIntel.bin ****
Dec  5 16:56:11 servername dracut: *** Store current command line parameters ***
Dec  5 16:56:11 servername dracut: *** Creating image file ***
Dec  5 16:56:11 servername dracut: *** Creating microcode section ***
Dec  5 16:56:11 servername dracut: *** Created microcode section ***
Dec  5 16:56:18 servername dracut: *** Creating image file done ***
Dec  5 16:56:21 servername dracut: *** Creating initramfs image file '/boot/initramfs-3.10.0-862.14.4.el7.x86_64kdump.img' done ***
Dec  5 16:56:21 servername kdumpctl: kexec: loaded kdump kernel
Dec  5 16:56:21 servername kdumpctl: Starting kdump: [OK]
Dec  5 16:56:21 servername systemd: Started Crash recovery kernel arming.
Dec  5 16:56:21 servername systemd: Reloading.
Dec  5 16:56:21 servername systemd: Reloading.
Dec  5 16:56:21 servername systemd: Stopping LVM2 metadata daemon...
Dec  5 16:56:21 servername systemd: Stopped LVM2 metadata daemon.
Dec  5 16:56:21 servername systemd: Started LVM2 metadata daemon.
Dec  5 16:56:21 servername systemd: Reloading.
Dec  5 16:56:22 servername systemd: Reloading.
Dec  5 16:56:22 servername systemd: Stopping System Logging Service...
Dec  5 16:56:22 servername rsyslogd: [origin software="rsyslogd" swVersion="8.24.0" x-pid="946" x-info="http://www.rsyslog.com"] exiting on signal 15.
Dec  5 16:56:22 servername systemd: Stopped System Logging Service.
Dec  5 16:56:22 servername systemd: Starting System Logging Service...
Dec  5 16:56:22 servername rsyslogd: [origin software="rsyslogd" swVersion="8.24.0-34.el7" x-pid="20734" x-info="http://www.rsyslog.com"] start
Dec  5 16:56:22 servername systemd: Started System Logging Service.
Dec  5 16:56:22 servername systemd: Reloading.
Dec  5 16:56:22 servername systemd: Stopping Postfix Mail Transport Agent...
Dec  5 16:56:22 servername systemd: Stopped Postfix Mail Transport Agent.
Dec  5 16:56:22 servername systemd: Starting Postfix Mail Transport Agent...
Dec  5 16:56:22 servername systemd: Started Postfix Mail Transport Agent.
Dec  5 16:56:22 servername auditd[605]: The audit daemon is exiting.
Dec  5 16:56:22 servername kernel: type=1305 audit(1544025382.887:164): audit_pid=0 old=605 auid=4294967295 ses=4294967295 res=1
Dec  5 16:56:22 servername kernel: type=1130 audit(1544025382.889:165): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=auditd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Dec  5 16:56:22 servername kernel: type=1131 audit(1544025382.889:166): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=auditd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Dec  5 16:56:23 servername systemd: Starting Security Auditing Service...
Dec  5 16:56:23 servername auditd[20878]: Started dispatcher: /sbin/audispd pid: 20880
Dec  5 16:56:23 servername audispd: No plugins found, exiting
Dec  5 16:56:23 servername kernel: type=1305 audit(1544025383.888:167): audit_enabled=1 old=1 auid=4294967295 ses=4294967295 res=1
Dec  5 16:56:23 servername kernel: type=1305 audit(1544025383.888:168): audit_pid=20878 old=0 auid=4294967295 ses=4294967295 res=1
Dec  5 16:56:23 servername auditd[20878]: Init complete, auditd 2.8.4 listening for events (startup state enable)
Dec  5 16:56:24 servername augenrules: /sbin/augenrules: No change
Dec  5 16:56:24 servername augenrules: No rules
Dec  5 16:56:24 servername augenrules: enabled 1
Dec  5 16:56:24 servername augenrules: failure 1
Dec  5 16:56:24 servername augenrules: pid 20878
Dec  5 16:56:24 servername augenrules: rate_limit 0
Dec  5 16:56:24 servername augenrules: backlog_limit 320
Dec  5 16:56:24 servername augenrules: lost 0
Dec  5 16:56:24 servername augenrules: backlog 1
Dec  5 16:56:24 servername systemd: Started Security Auditing Service.
Dec  5 16:56:24 servername systemd: Reloading.
Dec  5 16:56:24 servername systemd: Stopping Fail2Ban Service...
Dec  5 16:56:25 servername fail2ban-client: Shutdown successful
Dec  5 16:56:25 servername systemd: Stopped Fail2Ban Service.
Dec  5 16:56:25 servername systemd: Stopping firewalld - dynamic firewall daemon...
Dec  5 16:56:25 servername kernel: Ebtables v2.0 unregistered
Dec  5 16:56:25 servername systemd: Stopped firewalld - dynamic firewall daemon.
Dec  5 16:56:25 servername systemd: Starting firewalld - dynamic firewall daemon...
Dec  5 16:56:25 servername systemd: Started firewalld - dynamic firewall daemon.
Dec  5 16:56:25 servername systemd: Starting Fail2Ban Service...
Dec  5 16:56:25 servername kernel: ip_tables: (C) 2000-2006 Netfilter Core Team
Dec  5 16:56:25 servername kernel: ip6_tables: (C) 2000-2006 Netfilter Core Team
Dec  5 16:56:25 servername fail2ban-client: 2018-12-05 16:56:25,830 fail2ban.server         [20982]: INFO    Starting Fail2ban v0.9.7
Dec  5 16:56:25 servername fail2ban-client: 2018-12-05 16:56:25,830 fail2ban.server         [20982]: INFO    Starting in daemon mode
Dec  5 16:56:25 servername kernel: Ebtables v2.0 registered
Dec  5 16:56:25 servername systemd: Reloading.
Dec  5 16:56:26 servername kernel: nf_conntrack version 0.5.0 (16384 buckets, 65536 max)
Dec  5 16:56:26 servername systemd: Started Fail2Ban Service.
Dec  5 16:56:27 servername systemd: Reloading.
Dec  5 16:56:27 servername systemd: Stopping Command Scheduler...
Dec  5 16:56:27 servername systemd: Stopped Command Scheduler.
Dec  5 16:56:27 servername systemd: Started Command Scheduler.
Dec  5 16:56:27 servername systemd: Reloading.
Dec  5 16:56:28 servername systemd: Stopping Vsftpd ftp daemon...
Dec  5 16:56:28 servername systemd: Stopped Vsftpd ftp daemon.
Dec  5 16:56:28 servername systemd: Starting Vsftpd ftp daemon...
Dec  5 16:56:28 servername systemd: Started Vsftpd ftp daemon.
Dec  5 16:56:28 servername systemd: Reloading.
Dec  5 16:56:28 servername systemd: Reloading.
Dec  5 16:56:28 servername systemd: Reloading.
Dec  5 16:56:28 servername systemd: Reloading.
Dec  5 16:56:28 servername systemd: Stopping Authorization Manager...
Dec  5 16:56:28 servername systemd: Stopping Dynamic System Tuning Daemon...
Dec  5 16:56:28 servername systemd: Stopped Authorization Manager.
Dec  5 16:56:28 servername systemd: Starting Authorization Manager...
Dec  5 16:56:28 servername polkitd[21417]: Started polkitd version 0.112
Dec  5 16:56:28 servername systemd: Started Authorization Manager.
Dec  5 16:56:29 servername systemd: Reloading.
Dec  5 16:56:29 servername systemd: Stopped Dynamic System Tuning Daemon.
Dec  5 16:56:29 servername systemd: Starting Dynamic System Tuning Daemon...
Dec  5 16:56:30 servername systemd: Started Dynamic System Tuning Daemon.
Dec  5 16:56:30 servername systemd: Reloading.
Dec  5 16:56:31 servername systemd: Reloading.
Dec  5 16:56:31 servername systemd: Reloading.
Dec  5 16:56:40 servername dracut: dracut-033-554.el7
Dec  5 16:56:40 servername dracut: Executing: /sbin/dracut -f /boot/initramfs-3.10.0-957.1.3.el7.x86_64.img 3.10.0-957.1.3.el7.x86_64
Dec  5 16:56:41 servername dracut: dracut module 'modsign' will not be installed, because command 'keyctl' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'busybox' will not be installed, because command 'busybox' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'crypt' will not be installed, because command 'cryptsetup' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'mdraid' will not be installed, because command 'mdadm' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'multipath' will not be installed, because command 'multipath' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'cifs' will not be installed, because command 'mount.cifs' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'iscsi' will not be installed, because command 'iscsistart' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found!
Dec  5 16:56:41 servername dracut: 95nfs: Could not find any command of 'rpcbind portmap'!
Dec  5 16:56:41 servername dracut: dracut module 'modsign' will not be installed, because command 'keyctl' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'busybox' will not be installed, because command 'busybox' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'crypt' will not be installed, because command 'cryptsetup' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'mdraid' will not be installed, because command 'mdadm' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'multipath' will not be installed, because command 'multipath' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'cifs' will not be installed, because command 'mount.cifs' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'iscsi' will not be installed, because command 'iscsistart' could not be found!
Dec  5 16:56:41 servername dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found!
Dec  5 16:56:41 servername dracut: 95nfs: Could not find any command of 'rpcbind portmap'!
Dec  5 16:56:41 servername dracut: *** Including module: bash ***
Dec  5 16:56:41 servername dracut: *** Including module: nss-softokn ***
Dec  5 16:56:41 servername dracut: *** Including module: i18n ***
Dec  5 16:56:41 servername dracut: *** Including module: network ***
Dec  5 16:56:42 servername dracut: *** Including module: ifcfg ***
Dec  5 16:56:42 servername dracut: *** Including module: drm ***
Dec  5 16:56:44 servername dracut: *** Including module: plymouth ***
Dec  5 16:56:44 servername dracut: *** Including module: dm ***
Dec  5 16:56:44 servername dracut: Skipping udev rule: 64-device-mapper.rules
Dec  5 16:56:44 servername dracut: Skipping udev rule: 60-persistent-storage-dm.rules
Dec  5 16:56:44 servername dracut: Skipping udev rule: 55-dm.rules
Dec  5 16:56:44 servername dracut: *** Including module: kernel-modules ***
Dec  5 16:56:52 servername dracut: *** Including module: lvm ***
Dec  5 16:56:52 servername dracut: Skipping udev rule: 64-device-mapper.rules
Dec  5 16:56:52 servername dracut: Skipping udev rule: 56-lvm.rules
Dec  5 16:56:52 servername dracut: Skipping udev rule: 60-persistent-storage-lvm.rules
Dec  5 16:56:53 servername dracut: *** Including module: resume ***
Dec  5 16:56:53 servername dracut: *** Including module: rootfs-block ***
Dec  5 16:56:53 servername dracut: *** Including module: terminfo ***
Dec  5 16:56:53 servername dracut: *** Including module: udev-rules ***
Dec  5 16:56:53 servername dracut: Skipping udev rule: 40-redhat-cpu-hotplug.rules
Dec  5 16:56:53 servername dracut: Skipping udev rule: 91-permissions.rules
Dec  5 16:56:53 servername dracut: *** Including module: biosdevname ***
Dec  5 16:56:53 servername dracut: *** Including module: systemd ***
Dec  5 16:56:53 servername dracut: *** Including module: usrmount ***
Dec  5 16:56:53 servername dracut: *** Including module: base ***
Dec  5 16:56:53 servername dracut: *** Including module: fs-lib ***
Dec  5 16:56:53 servername dracut: *** Including module: microcode_ctl-fw_dir_override ***
Dec  5 16:56:53 servername dracut:  microcode_ctl module: mangling fw_dir
Dec  5 16:56:53 servername dracut:    microcode_ctl: reset fw_dir to "/lib/firmware/updates /lib/firmware"
Dec  5 16:56:53 servername dracut:    microcode_ctl: processing data directory  "/usr/share/microcode_ctl/ucode_with_caveats/intel-06-4f-01"...
Dec  5 16:56:53 servername dracut:    microcode_ctl: kernel version "3.10.0-957.1.3.el7.x86_64" failed early load check for "intel-06-4f-01", skipping
Dec  5 16:56:53 servername dracut:    microcode_ctl: processing data directory  "/usr/share/microcode_ctl/ucode_with_caveats/intel"...
Dec  5 16:56:53 servername dracut:    microcode_ctl: intel: Host-Only mode is enabled and "intel-ucode/06-3f-02" matches "intel-ucode/*"
Dec  5 16:56:53 servername dracut:      microcode_ctl: intel: caveats check for kernel version "3.10.0-957.1.3.el7.x86_64" passed, adding "/usr/share/microcode_ctl/ucode_with_caveats/intel" to fw_dir variable
Dec  5 16:56:53 servername dracut:    microcode_ctl: final fw_dir: "/usr/share/microcode_ctl/ucode_with_caveats/intel /lib/firmware/updates /lib/firmware"
Dec  5 16:56:53 servername dracut: *** Including module: shutdown ***
Dec  5 16:56:53 servername dracut: *** Including modules done ***
Dec  5 16:56:53 servername dracut: *** Installing kernel module dependencies and firmware ***
Dec  5 16:56:54 servername dracut: *** Installing kernel module dependencies and firmware done ***
Dec  5 16:56:54 servername dracut: *** Resolving executable dependencies ***
Dec  5 16:56:55 servername dracut: *** Resolving executable dependencies done***
Dec  5 16:56:55 servername dracut: *** Hardlinking files ***
Dec  5 16:56:55 servername dracut: *** Hardlinking files done ***
Dec  5 16:56:55 servername dracut: *** Stripping files ***
Dec  5 16:56:55 servername dracut: *** Stripping files done ***
Dec  5 16:56:55 servername dracut: *** Generating early-microcode cpio image contents ***
Dec  5 16:56:55 servername dracut: *** Constructing GenuineIntel.bin ****
Dec  5 16:56:55 servername dracut: *** Store current command line parameters ***
Dec  5 16:56:55 servername dracut: *** Creating image file ***
Dec  5 16:56:55 servername dracut: *** Creating microcode section ***
Dec  5 16:56:55 servername dracut: *** Created microcode section ***
Dec  5 16:57:05 servername dracut: *** Creating image file done ***
Dec  5 16:57:11 servername dracut: *** Creating initramfs image file '/boot/initramfs-3.10.0-957.1.3.el7.x86_64.img' done ***
Dec  5 16:57:11 servername dracut: dracut-033-554.el7
Dec  5 16:57:11 servername dracut: Executing: /sbin/dracut -f
Dec  5 16:57:12 servername dracut: dracut module 'modsign' will not be installed, because command 'keyctl' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'busybox' will not be installed, because command 'busybox' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'crypt' will not be installed, because command 'cryptsetup' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'mdraid' will not be installed, because command 'mdadm' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'multipath' will not be installed, because command 'multipath' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'cifs' will not be installed, because command 'mount.cifs' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'iscsi' will not be installed, because command 'iscsistart' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found!
Dec  5 16:57:12 servername dracut: 95nfs: Could not find any command of 'rpcbind portmap'!
Dec  5 16:57:12 servername dracut: dracut module 'modsign' will not be installed, because command 'keyctl' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'busybox' will not be installed, because command 'busybox' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'crypt' will not be installed, because command 'cryptsetup' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'mdraid' will not be installed, because command 'mdadm' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'multipath' will not be installed, because command 'multipath' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'cifs' will not be installed, because command 'mount.cifs' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'iscsi' will not be installed, because command 'iscsistart' could not be found!
Dec  5 16:57:12 servername dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found!
Dec  5 16:57:12 servername dracut: 95nfs: Could not find any command of 'rpcbind portmap'!
Dec  5 16:57:12 servername dracut: *** Including module: bash ***
Dec  5 16:57:12 servername dracut: *** Including module: nss-softokn ***
Dec  5 16:57:12 servername dracut: *** Including module: i18n ***
Dec  5 16:57:12 servername dracut: *** Including module: network ***
Dec  5 16:57:13 servername dracut: *** Including module: ifcfg ***
Dec  5 16:57:13 servername dracut: *** Including module: drm ***
Dec  5 16:57:14 servername dracut: *** Including module: plymouth ***
Dec  5 16:57:14 servername dracut: *** Including module: dm ***
Dec  5 16:57:15 servername dracut: Skipping udev rule: 64-device-mapper.rules
Dec  5 16:57:15 servername dracut: Skipping udev rule: 60-persistent-storage-dm.rules
Dec  5 16:57:15 servername dracut: Skipping udev rule: 55-dm.rules
Dec  5 16:57:15 servername dracut: *** Including module: kernel-modules ***
Dec  5 16:57:22 servername dracut: *** Including module: lvm ***
Dec  5 16:57:22 servername dracut: Skipping udev rule: 64-device-mapper.rules
Dec  5 16:57:22 servername dracut: Skipping udev rule: 56-lvm.rules
Dec  5 16:57:22 servername dracut: Skipping udev rule: 60-persistent-storage-lvm.rules
Dec  5 16:57:22 servername dracut: *** Including module: resume ***
Dec  5 16:57:22 servername dracut: *** Including module: rootfs-block ***
Dec  5 16:57:22 servername dracut: *** Including module: terminfo ***
Dec  5 16:57:22 servername dracut: *** Including module: udev-rules ***
Dec  5 16:57:22 servername dracut: Skipping udev rule: 40-redhat-cpu-hotplug.rules
Dec  5 16:57:23 servername dracut: Skipping udev rule: 91-permissions.rules
Dec  5 16:57:23 servername dracut: *** Including module: biosdevname ***
Dec  5 16:57:23 servername dracut: *** Including module: systemd ***
Dec  5 16:57:23 servername dracut: *** Including module: usrmount ***
Dec  5 16:57:23 servername dracut: *** Including module: base ***
Dec  5 16:57:23 servername dracut: *** Including module: fs-lib ***
Dec  5 16:57:23 servername dracut: *** Including module: microcode_ctl-fw_dir_override ***
Dec  5 16:57:23 servername dracut:  microcode_ctl module: mangling fw_dir
Dec  5 16:57:23 servername dracut:    microcode_ctl: reset fw_dir to "/lib/firmware/updates /lib/firmware"
Dec  5 16:57:23 servername dracut:    microcode_ctl: processing data directory  "/usr/share/microcode_ctl/ucode_with_caveats/intel-06-4f-01"...
Dec  5 16:57:23 servername dracut:    microcode_ctl: kernel version "3.10.0-862.14.4.el7.x86_64" failed early load check for "intel-06-4f-01", skipping
Dec  5 16:57:23 servername dracut:    microcode_ctl: processing data directory  "/usr/share/microcode_ctl/ucode_with_caveats/intel"...
Dec  5 16:57:23 servername dracut:    microcode_ctl: intel: Host-Only mode is enabled and "intel-ucode/06-3f-02" matches "intel-ucode/*"
Dec  5 16:57:23 servername dracut:      microcode_ctl: intel: caveats check for kernel version "3.10.0-862.14.4.el7.x86_64" passed, adding "/usr/share/microcode_ctl/ucode_with_caveats/intel" to fw_dir variable
Dec  5 16:57:23 servername dracut:    microcode_ctl: final fw_dir: "/usr/share/microcode_ctl/ucode_with_caveats/intel /lib/firmware/updates /lib/firmware"
Dec  5 16:57:23 servername dracut: *** Including module: shutdown ***
Dec  5 16:57:23 servername dracut: *** Including modules done ***
Dec  5 16:57:23 servername dracut: *** Installing kernel module dependencies and firmware ***
Dec  5 16:57:24 servername dracut: *** Installing kernel module dependencies and firmware done ***
Dec  5 16:57:24 servername dracut: *** Resolving executable dependencies ***
Dec  5 16:57:24 servername dracut: *** Resolving executable dependencies done***
Dec  5 16:57:24 servername dracut: *** Hardlinking files ***
Dec  5 16:57:25 servername dracut: *** Hardlinking files done ***
Dec  5 16:57:25 servername dracut: *** Stripping files ***
Dec  5 16:57:25 servername dracut: *** Stripping files done ***
Dec  5 16:57:25 servername dracut: *** Generating early-microcode cpio image contents ***
Dec  5 16:57:25 servername dracut: *** Constructing GenuineIntel.bin ****
Dec  5 16:57:25 servername dracut: *** Store current command line parameters ***
Dec  5 16:57:25 servername dracut: *** Creating image file ***
Dec  5 16:57:25 servername dracut: *** Creating microcode section ***
Dec  5 16:57:25 servername dracut: *** Created microcode section ***
Dec  5 16:57:35 servername dracut: *** Creating image file done ***
Dec  5 16:57:35 servername journal: Suppressed 166 messages from /user.slice/user-0.slice
Dec  5 16:57:41 servername dracut: *** Creating initramfs image file '/boot/initramfs-3.10.0-862.14.4.el7.x86_64.img' done ***

stevemowbray
Posts: 519
Joined: 2012/06/26 14:20:47

Re: Update 7.6 killed vsftpd, Help!

Post by stevemowbray » 2018/12/05 16:33:18

Did you restart the system after the update? Your update includes the kernel, systemd and other components that require a reboot.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Update 7.6 killed vsftpd, Help!

Post by TrevorH » 2018/12/05 17:10:15

Unfortunately yum-plugin-security is non-functional on CentOS due to lack of security related metadata in the yum repos. It does not work and has the opposite effect as no updates will ever be applied (none are security related).

I would suggest cranking the loglevels of things up a notch to get more info. Start with vsftpd and see if you can get it to tell you _why_ the login failed. If all else fails, you could strace the vsftpd main process and all its children and see if you can get clues from that output.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

ciccipuzzo
Posts: 4
Joined: 2018/12/05 14:27:57

Re: Update 7.6 killed vsftpd, Help!

Post by ciccipuzzo » 2018/12/05 20:36:02

stevemowbray wrote:
2018/12/05 16:33:18
Did you restart the system after the update? Your update includes the kernel, systemd and other components that require a reboot.
Yes, tried, didn't help.
I would suggest cranking the loglevels of things up a notch to get more info. Start with vsftpd and see if you can get it to tell you _why_ the login failed. If all else fails, you could strace the vsftpd main process and all its children and see if you can get clues from that output.
Sorry but i don't understand what you suggest.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Update 7.6 killed vsftpd, Help!

Post by TrevorH » 2018/12/05 23:33:01

I'm saying that you don't have enough information at present to determine the cause. So therefore you need to adjust things to log more info so you can. Start by adjust vsftpd to log more info.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

ziggimon
Posts: 1
Joined: 2018/12/06 09:15:21
Location: Aarhus, Denmark

Re: Update 7.6 killed vsftpd, Help!

Post by ziggimon » 2018/12/06 09:20:12

This is related to the 7.6 update from Red Hat. They have removed /sbin/nologin from the /etc/shells file thus vsftpd login fails because /etc/pam.d/vsftpd has: auth require pam_shells.so

Either comment out the pam_shells.so line to disable shell access for vsftpd or add /sbin/nologin back into /etc/shells

More information in the RHEL release notes here: https://access.redhat.com/documentation ... d_services

ciccipuzzo
Posts: 4
Joined: 2018/12/05 14:27:57

Re: Update 7.6 killed vsftpd, Help!

Post by ciccipuzzo » 2018/12/07 00:42:09

ziggimon wrote:
2018/12/06 09:20:12
This is related to the 7.6 update from Red Hat. They have removed /sbin/nologin from the /etc/shells file thus vsftpd login fails because /etc/pam.d/vsftpd has: auth require pam_shells.so

Either comment out the pam_shells.so line to disable shell access for vsftpd or add /sbin/nologin back into /etc/shells

More information in the RHEL release notes here: https://access.redhat.com/documentation ... d_services
Thanks man, I have readded /sbin/nologins in /etc/shells on test machine and it works.
However RedHat documentations says:
However, note that this workaround exposes vsftpd to the security risk described at https://access.redhat.com/security/cve/cve-2018-1113. (BZ#1647485, BZ#1571104)
Is there a solution that restore FTP functionality without exposing vsftpd to a vulnerability? Our production server is enough protected, just some specific IP are allowed but who knows..

Meanwhile many thanks!

gulikoza
Posts: 188
Joined: 2007/05/06 20:15:23

Re: [SOLVED] Update 7.6 killed vsftpd

Post by gulikoza » 2018/12/14 18:52:11

OMG, really? /sbin/nologin was **specifically** added to allow ftp logins while disallowing shell logins. Now somebody thinks that's a vulnerability? NO IT'S NOT, IT'S SUPPOSED TO WORK THAT WAY, it's even listed in the RHCSA materials!

"Under some circumstances, users which had their shell changed to /sbin/nologin could still access the system."

YES, UNDER THE CIRCUMSTANCES OF USING the FTP daemon. That's the whole point!!
YES, YOU ARE SUPPOSED TO CHANGE THE SHELL to /bin/false IF YOU WANT TO PREVENT THE LOGINS, it says that in every documentation.

But now it's a known issue...and the next step is having the PCI-DSS guys explain it to me that my systems are vulnerable by allowing the users to login.

sigh...rant over.

Post Reply