Page tree
For cPanel & WHM version 82.

Skip to end of metadata
Go to start of metadata


The /usr/local/cpanel/scripts/check_cpanel_rpms script scans every installed RedHat® Package Manager (RPM) file on your server for problems. This script can also reinstall any affected RPMs to repair them.


To run the /usr/local/cpanel/scripts/check_cpanel_rpms script nightly, use the Maintenance cPanel RPM Check and Maintenance cPanel RPM Digest Check settings in the Software section of WHM's Tweak Settings interface (WHM >> Home >> Server Configuration >> Tweak Settings). 

Script functions

The /usr/local/cpanel/scripts/check_cpanel_rpms script performs four basic functions each time that it runs:

  1. Discovers missing RPMs.
  2. Tracks RPMs that are out-of-date and need updates.
  3. Checks for any altered RPMs. Altered RPMs meet any of the following conditions:
    • Their ownership has changed.
    • Their mode has changed.
    • An MD5 checksum does not exist.
    • They are symlinks, and the file points to the wrong path.
    • They are missing.
  4. Checks whether to uninstall any cPanel-managed RPMs.


The /usr/local/cpanel/scripts/check_cpanel_rpms script does not check for problems with incorrect file permissions.


If the /usr/local/cpanel/scripts/check_cpanel_rpms script does not detect any problems, it will not produce any output.

Run the /usr/local/cpanel/scripts/check_cpanel_rpms script

To run the /usr/local/cpanel/scripts/check_cpanel_rpms script on the command line, use the following format:

/usr/local/cpanel/scripts/check_cpanel_rpms [options]


You can use the following options with the /usr/local/cpanel/scripts/check_cpanel_rpms script:

--download-onlyDownloads the RPMs and then exits.
--fixShows any problems and automatically corrects them.
--list-onlyLists altered RPMs and then exits.
--long-listShows the altered RPMs and files in an easily-parsed format.

Installs missing RPMs and uninstalls unneeded RPMs. The script will not check for broken RPMs.


Performs a size validation. This option will not report altered RPMs. If the script detects an altered RPM, but the file size is identical, this option will not report the change.


This option applies the --nodigest and --nomd5 options to the rpm -Vv check.

--nodirThe script will not read the /var/cpanel/rpm.versions.d directory.
--notifySends a notification that lists any altered RPMs. Then, describes any actions that the system performed.
--targetsFilters RPMs based on provided targets (comma-delimited).

For example, to use the --fix option, run the following command:

/usr/local/cpanel/scripts/check_cpanel_rpms --fix

Checks performed

The /usr/local/cpanel/scripts/check_cpanel_rpms script runs the rpm -Vv check on all cPanel-managed RPMs. This checks for changes in the files since their installation. The script does not check configuration and documentation files.


If the output indicates that only Mode or mTime have changed, the script will not report that as an altered RPM. 

The output of the rpm -Vv check lists the following changes:

SFile size differs.
MMode differs. (This includes permissions and file type.)
5MD5 sum differs.
DDevice major or minor number mismatch.
LreadLink(2) path mismatch.
UUser ownership differs.
GGroup ownership differs.
TmTime differs.
PCapabilities differ.

Additional documentation