• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved Suddenly getting ASL errors today

Hi, I've got the same error message here on two vServer with 12.0.18 Update #89 and 12.5.30 Update #42

@IgorG:
root@x:~# dpkg -S "/etc/asl/config"
aum: /etc/asl/config
root@x:~# dpkg -l | grep aum
ii aum 4.0.19-38 amd64 Atomicorp Updater Modified
root@x:~#
 
Hy,

i have the same error on CentOS6.5 and reinstall modsecurity. But this not helps.

Mail say:
Code:
/etc/cron.hourly/asl:
Error: ASL has not been configured
run-parts: /etc/cron.hourly/asl exited with return code 1

i open the /etc/asl/config
Here i found in the last line :
Code:
CONFIGURED="yes"
But i become the error mail, did anybody know why?

in the backup file under "/var/asl/rbc/etc/asl/config" i have the same with "no" and default user an pw.
 
Same problem here since today with Plesk 12.5 and MU43 (hourly mail with return code 1) ...

Greetings from Germany
Henning
 
Hi
Ubuntu 14.04.5 12.5. MU43
I did also the config copy as mentioned by ankn99.
Result: run-parts: /etc/crom.hourly/asl exited with return code 127
Any ideas?
 
Same here. Started with
Code:
/etc/cron.daily/drweb-update:
ERROR: Dr.Web Updater: failed to download files !
run-parts: /etc/cron.daily/drweb-update exited with return code 109

and now every hour:
Code:
/etc/cron.hourly/asl:
Error: ASL has not been configured
run-parts: /etc/cron.hourly/asl exited with return code 1

as i can see, some new Problems started with that fix from @ankn99 so i'll wait....
 
DO NOT APPLY THIS FIX. See this post:
Suddenly getting ASL errors today


Hi,

to fix "return code 127" you have to do the following:

# cp -a /var/asl/bin/asl_cli_c /var/asl/bin/asl_cli_c.backup
# ln -s /var/asl/bin/asl_cli_c /var/asl/bin/asl

Now edit /var/asl/bin/asl_cli_c and change the Shebang from "#!/var/asl/usr/bin/php" to "#!/usr/bin/php"

At least here is seems to work.

Hope it helps
Regards
Kristian

Note: As I am not aware of if asl is the same as asl_cli_c I can not tell if this is the correct approach to fix this issue. It just seems to be working here. Hope Atomic Corp will fix this issue in their packages. So as usual "No warranty for all this" :)
 
Last edited:
Hi again,

just for the notes.
Prior to last nights update of "aum" by Plesk, there was no cronjob for aum.
As the cronjob refers to files that are not there, it gives the mentioned errors.

I guess this should and will be fixed by "Atomic Corp".

The interesting thing is that even with the previous version of the aum package there was no file "var/asl/bin/asl nor /var/asl/bin/php but in the postinst Script of the deb-file there was a "ln -s -f /var/asl/bin/aum /usr/bin/aum"

So prior last nights update there should have been a dead symlink from /usr/bin/aum to the non-existing file /var/asl/bin/aum.
Even with aum_4.0.19-38_amd64.deb (last nights update) this symlink was set again.

These are just additional informations to clarify what might have gone wrong.

Regards,
Kristian
 
Exact same problem here, error started after update #43 to 12.5.30 on ‪Ubuntu 12.04.5 LTS‬ last updated at Aug 9, 2016 03:56 AM
 
And now, since 12 o'clock, the antivirus DrWeb fails on every mail:

Code:
Dear Postmaster,

A message with the following attributes was not delivered because it contains an object which cannot be checked by antivirus.

Sender = [email protected]
Recipients = [email protected]
Subject =  New Doc 730-37
Message-ID =  <[email protected]>

--- Antivirus report ---
Detailed report:
The filter fails to pass object to the DrWEB daemon

--- Antivirus report ---

The original message was stored in archive record named:
file was not created
 
Hi Xantiva,

I do not think this is related to this (aum) issue.
DrWeb ist a totally different component of Plesk.

Please open a new Thread for this issue and check your maillogs for further investigation.

Regards,
Kristian
 
Was pointed to this topic by trialotto in another topic. But wanted to add my experience, so a crosspost.

----
Sorry to highjack your topic BrinsleyP but I have the same issue as you on a machine running Debian 7.11 32bit with Plesk 12.0.18.

I believe it to be cause after an update of aum via automated apt-get. As I also got an update email from CRON-APT listing that package and also indicating:
WARNING: The following packages cannot be authenticated!

aum
# apt-cache show aum
Package: aum
Version: 4.0.19-38
Architecture: i386
Maintainer: atomicorp
Installed-Size: 10777
Depends: curl, binutils
Priority: optional
Section: misc
Filename: pool/main/a/aum/aum_4.0.19-38_i386.deb
Size: 3202064
SHA256: bd40ff5c13a5b17b2e4b8c79b54f47b26e289a7a81f8b2d9b864565317ee9d5a
SHA1: 10f1882a72a3e7266328fb73977a5963a262189f
MD5sum: 2702142715f15ea67592a77b33551271
Description: Atomicorp Updater Modified
Now I get emails from the server:
/etc/cron.hourly/asl:

Error: ASL has not been configured

run-parts: /etc/cron.hourly/asl exited with return code 1
I've tried UFHH01 methode of uninstalling modsecurity and reinstalling it. Even using KB article 122577 but no luck. Any help to resolve this issue would be welcome.​
----


I'll try KristianM fix when I can access the server that has this issue. VPN won't work atm.
 
@KristianM , your fix did help indeed. FInal or not, it'sa working workaround, better than disabling the hourly job.

To wrap the fixes / workarounds up:

1. Missing config
/ ASL has not been configured

I found an old config file under
/var/asl/rbc/etc/asl/config

with a timestamp from this night .... ( Name is config.1470869110)
in this Directory are 2 files, the newer one has
CONFIGURED="yes"

in it, so I copied this one over to /etc/asl/config

2. Hourly cron exit code 127

Hi again,

just for the notes.
Prior to last nights update of "aum" by Plesk, there was no cronjob for aum.
As the cronjob refers to files that are not there, it gives the mentioned errors.

I guess this should and will be fixed by "Atomic Corp".

The interesting thing is that even with the previous version of the aum package there was no file "var/asl/bin/asl nor /var/asl/bin/php but in the postinst Script of the deb-file there was a "ln -s -f /var/asl/bin/aum /usr/bin/aum"

So prior last nights update there should have been a dead symlink from /usr/bin/aum to the non-existing file /var/asl/bin/aum.
Even with aum_4.0.19-38_amd64.deb (last nights update) this symlink was set again.

These are just additional informations to clarify what might have gone wrong.

Regards,
Kristian
 
@Everyone,

I will give a small summary of all relevant topics (and issues) that are existing with ASL (Atomic Secured Linux), in order to provide the much needed clarity.

I will provide two sections, one of them dedicated to a general explanation, the other dedicated to the solution of the issues encountered.

A - Explanation

In essence, ASL is a full package consisting of the (stand-alone) AUM installer and a Web GUI (on port 30000).

Plesk only has the (stand-alone) AUM installer: there is no binary or script called "asl" on Plesk instances, implying (amongst others) that

a) Atomicorp`s installation, upgrade and debugging manuals are not that helpful, since they all assume the existence of "asl", (and)
b) the topic thread https://talk.plesk.com/threads/error-asl-has-not-been-configured.338188/#post-806027 is not useful at all, (and)
c) the KB article KB122577 does not apply in the current case,

and, more important,

d) the script "asl_cli_c" is NOT the same as the binary or script "asl", (and)
e) cronjobs using the /etc/asl/config file AND referring to "asl" will exit with code 127, (and)
f) cronjobs using the /etc/asl/config file with a key-value pair of CONFIGURED="yes" will exit with code 1,

and, therefore, the MOST important part is that

- mod_security and/or the wep application firewall (WAF) never stopped working (it worked fine!),
- the error notifications per mail resulted from cronjobs with exit codes 127 can be safely ignored (a solution exists, but the fact remains that these notifications are barely relevant).

In essence, there is or was a big issue with the config file, which was completely empty.

In the meantime, the KB article KB129494 has been issued, but that still does not resolve all issues.

Let´s proceed with the second section, being the resolution of issues encountered.

B - Solutions

a) Exit code 1

ISSUE: error notifications with respect to cronjobs exiting with code 1.

SOLUTION 1: follow KB article KB129494, but I would not want to recommend it, for reasons that will become clear later.
SOLUTION 2: follow the steps below (in chronological order):

- run the command: cp -p /etc/asl/config.dpkg-dist /etc/asl/config
- run the command: /var/asl/bin/aum -c

and note that you should have the config.dpkg-dist file (on deb based machines, or the equivalent on rpm based machines), otherwise just use solution 1.

CHECK: verify that /etc/asl/config contains the key-value pair of CONFIGURED="yes" in the last line of the config file.

IMPORTANT: you are not finished yet, have a look at point b!

b) Exit code 127

ISSUE: error notifications with respect to cronjobs exiting with code 127.

SOLUTION: change the key-value pair APACHE_RESTART_COMMAND="/etc/init.d/httpd restart" to APACHE_RESTART_COMMAND="/etc/init.d/apache2 restart", IF AND ONLY IF you are on a deb based machine (like Ubuntu).

CHECK: just have a look at /etc/init.d, in order to determine whether you should use "httpd" or "apache2".

IMPORTANT: in most cases of changes to or updates to mod_security and/or rulesets, Apache web server has to be restarted
IMPORTANT: do NOT use the "work-around" as mentioned in the post https://talk.plesk.com/threads/suddenly-getting-asl-errors-today.338907/page-2#post-806008
IMPORTANT: it is highly recommend to use the key-value pair RESTART_APACHE="graceful" (!)

NOTE: it is recommended to restart httpd or apache2 service after applying this solution.

c) Various issues

The config file /etc/asl/config is rather extensive AND "buggy" AND/OR "inconvenient", the latter in the sense that it is created from a template.

The problem with the template is that some inconveniences can occur when running "aum -c": it will set the key-value pair of CONFIGURED="yes", but it will also undo the change to the key-value pair to APACHE_RESTART_COMMAND="/etc/init.d/apache2 restart" AND all other (manual or custom) changes to the /etc/asl/config file.

Moreover, not all values for specific keys are appropriate, optimal or even correct.

In essence, this is a (major) "task to do" for Atomicorp, in cooperation with Plesk Team.


In short, I hope that the above mentioned summary and explanation will help a bit.

Regards!
 
Last edited:
@Everyone,
B - Solutions

a) Exit code 1

ISSUE: error notifications with respect to cronjobs exiting with code 1.

SOLUTION 1: follow KB article KB129494, but I would not want to recommend it, for reasons that will become clear later.
SOLUTION 2: follow the steps below (in chronological order):

- run the command: cp -p /etc/asl/config.dpkg-dist config
- run the command: /var/asl/bin/aum -c
I believe the bold command needs to be updated to cp -p /etc/asl/config.dpkg-dist /etc/asl/config

Oh and clarify that the b) Exit code 127 is concerning the /etc/asl/config file.

Thanks
 
I believe the bold command needs to be updated to cp -p /etc/asl/config.dpkg-dist /etc/asl/config

Oh and clarify that the b) Exit code 127 is concerning the /etc/asl/config file.

Thanks

@Grey,

Made some changes, I must admit that it was a whole lot to type and a whole lot to investigate (and time is a scarce resource).

I am pretty sure that some other "edits" will follow sooner or later, keep track of it, comments are always welcome!

Regards.......
 
Hi there,

I am also having this issue on my Plesk Server Plesk 12.5 Update 43. On Ubuntu 14.04 how to fix this? because my dam mail account gets spammed with cron failed mails... And news on an official fix for this?
 
Back
Top