this is a general question, i dont know if this group is the right place to ask it, but since i am running Barracuda Octopus Aegir, what the heck.
3 weeks ago i put up some test sites. i went into the account section and made it so that visitors could not automactically register for an account, admin only. before that in previous installs, my mailbox would get crowded with pending account emails for sites with no content on them. anyway, it was working, no account user pending emails.
sunday, i get this email from "root"
[blockquote] Sun Sep 18 03:04:07 2011 -0400
The following list of files have FAILED the md5sum comparison test. This means that the file has been changed in some way. This could be a result of an OS update or application upgrade. If the change is unexpected it should be investigated:
/usr/sbin/csf: FAILED
/usr/sbin/lfd: FAILED[/blockquote]
i had not made any changes in the past 2 week on my server or BOA.
and now my mailbox is again getting flooded with pending user accounts. sure enough, i checked all my sites and somehow they were able to change
the "Who can register accounts?" selection from what i had set-"Administrators only" to "Visitors, but administrator approval is required". so now i have to go back to all my sites and reselect for "Administrators only" in the account settings section.
my question is: is this connected? and what should i do? thanks.
Comments
This warning about csf/lfd
This warning about csf/lfd changed is normal, because
AUTO_UPDATES = "1"is set by default in/etc/csf/csf.conf.However, it is not connected in any way with any Drupal settings being reverted. Do you use some custom feature where you have these settings enabled maybe? Does this feature enable modules like dblog, update or devel? If yes, then
/var/xdrago/usage.shscript running daily will revert/disable this feature. I don't see any other reason why it could happen.i havent added ANYTHING, no
i havent added ANYTHING, no other modules other than what is already in your script. and i wasnt getting them for 3 weeks. is there some other way i can check to see how this is being done?
Then I don't see any reason
Then I don't see any reason why it could happen. BOA doesn't touch your sites configuration if you don't use any custom Feature with modules I listed above.
I had a similar thing happen
I had a similar thing happen with several new sites I thought I had locked down.
I have a "feature" that is activated in the install profile that sets this property to Admin only for creating logins. So this should all have been set as a default.
And a day or so ago, I had about a dozen "requests" to be members?? This should not have been possible!!
So that makes two occurrences of the problem - does that make it an epidemic yet?
http://geoff.com.au - http://redronin.com
Do you include in your
Do you include in your Feature any module listed in my first comment above?
Same Here
I'm in a similar situation with a site/server I haven't touched in at least 3+ weeks.
At 12:42AM this morning, a person from Russia attempted to create an account on a site I have set to automatically block any new account for admin approval. So the user became authenticated but blocked.
Then later this morning, I get this:
The following list of files have FAILED the md5sum comparison test. This means that the file has been changed in some way. This could be a result of an OS update or application upgrade. If the change is unexpected it should be investigated:
/usr/sbin/csf: FAILED
/usr/sbin/lfd: FAILED
This message was sent to me via e-mail at 5:05 CST.
You can check csf updates
You can check csf updates here:
http://blog.configserver.com/
Cheers