PNG  IHDRQgAMA a cHRMz&u0`:pQ<bKGDgmIDATxwUﹻ& ^CX(J I@ "% (** BX +*i"]j(IH{~R)[~>h{}gy)I$Ij .I$I$ʊy@}x.: $I$Ii}VZPC)I$IF ^0ʐJ$I$Q^}{"r=OzI$gRZeC.IOvH eKX $IMpxsk.쒷/&r[޳<v| .I~)@$updYRa$I |M.e JaֶpSYR6j>h%IRز if&uJ)M$I vLi=H;7UJ,],X$I1AҒJ$ XY XzI@GNҥRT)E@;]K*Mw;#5_wOn~\ DC&$(A5 RRFkvIR}l!RytRl;~^ǷJj اy뷦BZJr&ӥ8Pjw~vnv X^(I;4R=P[3]J,]ȏ~:3?[ a&e)`e*P[4]T=Cq6R[ ~ޤrXR Հg(t_HZ-Hg M$ãmL5R uk*`%C-E6/%[t X.{8P9Z.vkXŐKjgKZHg(aK9ڦmKjѺm_ \#$5,)-  61eJ,5m| r'= &ڡd%-]J on Xm|{ RҞe $eڧY XYrԮ-a7RK6h>n$5AVڴi*ֆK)mѦtmr1p| q:흺,)Oi*ֺK)ܬ֦K-5r3>0ԔHjJئEZj,%re~/z%jVMڸmrt)3]J,T K֦OvԒgii*bKiNO~%PW0=dii2tJ9Jݕ{7"I P9JKTbu,%r"6RKU}Ij2HKZXJ,妝 XYrP ެ24c%i^IK|.H,%rb:XRl1X4Pe/`x&P8Pj28Mzsx2r\zRPz4J}yP[g=L) .Q[6RjWgp FIH*-`IMRaK9TXcq*I y[jE>cw%gLRԕiFCj-ďa`#e~I j,%r,)?[gp FI˨mnWX#>mʔ XA DZf9,nKҲzIZXJ,L#kiPz4JZF,I,`61%2s $,VOϚ2/UFJfy7K> X+6 STXIeJILzMfKm LRaK9%|4p9LwJI!`NsiazĔ)%- XMq>pk$-$Q2x#N ؎-QR}ᶦHZډ)J,l#i@yn3LN`;nڔ XuX5pF)m|^0(>BHF9(cզEerJI rg7 4I@z0\JIi䵙RR0s;$s6eJ,`n 䂦0a)S)A 1eJ,堌#635RIgpNHuTH_SԕqVe ` &S)>p;S$魁eKIuX`I4춒o}`m$1":PI<[v9^\pTJjriRŭ P{#{R2,`)e-`mgj~1ϣLKam7&U\j/3mJ,`F;M'䱀 .KR#)yhTq;pcK9(q!w?uRR,n.yw*UXj#\]ɱ(qv2=RqfB#iJmmL<]Y͙#$5 uTU7ӦXR+q,`I}qL'`6Kͷ6r,]0S$- [RKR3oiRE|nӦXR.(i:LDLTJjY%o:)6rxzҒqTJjh㞦I.$YR.ʼnGZ\ֿf:%55 I˼!6dKxm4E"mG_ s? .e*?LRfK9%q#uh$)i3ULRfK9yxm܌bj84$i1U^@Wbm4uJ,ҪA>_Ij?1v32[gLRD96oTaR׿N7%L2 NT,`)7&ƝL*꽙yp_$M2#AS,`)7$rkTA29_Iye"|/0t)$n XT2`YJ;6Jx".e<`$) PI$5V4]29SRI>~=@j]lp2`K9Jaai^" Ԋ29ORI%:XV5]JmN9]H;1UC39NI%Xe78t)a;Oi Ҙ>Xt"~G>_mn:%|~ޅ_+]$o)@ǀ{hgN;IK6G&rp)T2i୦KJuv*T=TOSV>(~D>dm,I*Ɛ:R#ۙNI%D>G.n$o;+#RR!.eU˽TRI28t)1LWϚ>IJa3oFbu&:tJ*(F7y0ZR ^p'Ii L24x| XRI%ۄ>S1]Jy[zL$adB7.eh4%%누>WETf+3IR:I3Xה)3אOۦSRO'ٺ)S}"qOr[B7ϙ.edG)^ETR"RtRݜh0}LFVӦDB^k_JDj\=LS(Iv─aTeZ%eUAM-0;~˃@i|l @S4y72>sX-vA}ϛBI!ݎߨWl*)3{'Y|iSlEڻ(5KtSI$Uv02,~ԩ~x;P4ցCrO%tyn425:KMlD ^4JRxSهF_}شJTS6uj+ﷸk$eZO%G*^V2u3EMj3k%)okI]dT)URKDS 7~m@TJR~荪fT"֛L \sM -0T KfJz+nإKr L&j()[E&I ߴ>e FW_kJR|!O:5/2跌3T-'|zX ryp0JS ~^F>-2< `*%ZFP)bSn"L :)+pʷf(pO3TMW$~>@~ū:TAIsV1}S2<%ޟM?@iT ,Eūoz%i~g|`wS(]oȤ8)$ ntu`өe`6yPl IzMI{ʣzʨ )IZ2= ld:5+請M$-ї;U>_gsY$ÁN5WzWfIZ)-yuXIfp~S*IZdt;t>KūKR|$#LcԀ+2\;kJ`]YǔM1B)UbG"IRߊ<xܾӔJ0Z='Y嵤 Leveg)$znV-º^3Ւof#0Tfk^Zs[*I꯳3{)ˬW4Ւ4 OdpbZRS|*I 55#"&-IvT&/윚Ye:i$ 9{LkuRe[I~_\ؠ%>GL$iY8 9ܕ"S`kS.IlC;Ҏ4x&>u_0JLr<J2(^$5L s=MgV ~,Iju> 7r2)^=G$1:3G< `J3~&IR% 6Tx/rIj3O< ʔ&#f_yXJiގNSz; Tx(i8%#4 ~AS+IjerIUrIj362v885+IjAhK__5X%nV%Iͳ-y|7XV2v4fzo_68"S/I-qbf; LkF)KSM$ Ms>K WNV}^`-큧32ŒVؙGdu,^^m%6~Nn&͓3ŒVZMsRpfEW%IwdǀLm[7W&bIRL@Q|)* i ImsIMmKmyV`i$G+R 0tV'!V)֏28vU7͒vHꦼtxꗞT ;S}7Mf+fIRHNZUkUx5SAJㄌ9MqμAIRi|j5)o*^'<$TwI1hEU^c_j?Е$%d`z cyf,XO IJnTgA UXRD }{H}^S,P5V2\Xx`pZ|Yk:$e ~ @nWL.j+ϝYb퇪bZ BVu)u/IJ_ 1[p.p60bC >|X91P:N\!5qUB}5a5ja `ubcVxYt1N0Zzl4]7­gKj]?4ϻ *[bg$)+À*x쳀ogO$~,5 زUS9 lq3+5mgw@np1sso Ӻ=|N6 /g(Wv7U;zωM=wk,0uTg_`_P`uz?2yI!b`kĸSo+Qx%!\οe|އԁKS-s6pu_(ֿ$i++T8=eY; צP+phxWQv*|p1. ά. XRkIQYP,drZ | B%wP|S5`~́@i޾ E;Չaw{o'Q?%iL{u D?N1BD!owPHReFZ* k_-~{E9b-~P`fE{AܶBJAFO wx6Rox5 K5=WwehS8 (JClJ~ p+Fi;ŗo+:bD#g(C"wA^ r.F8L;dzdIHUX݆ϞXg )IFqem%I4dj&ppT{'{HOx( Rk6^C٫O.)3:s(۳(Z?~ٻ89zmT"PLtw䥈5&b<8GZ-Y&K?e8,`I6e(֍xb83 `rzXj)F=l($Ij 2*(F?h(/9ik:I`m#p3MgLaKjc/U#n5S# m(^)=y=đx8ŬI[U]~SцA4p$-F i(R,7Cx;X=cI>{Km\ o(Tv2vx2qiiDJN,Ҏ!1f 5quBj1!8 rDFd(!WQl,gSkL1Bxg''՞^ǘ;pQ P(c_ IRujg(Wz bs#P­rz> k c&nB=q+ؔXn#r5)co*Ũ+G?7< |PQӣ'G`uOd>%Mctz# Ԫڞ&7CaQ~N'-P.W`Oedp03C!IZcIAMPUۀ5J<\u~+{9(FbbyAeBhOSܳ1 bÈT#ŠyDžs,`5}DC-`̞%r&ڙa87QWWp6e7 Rϫ/oY ꇅ Nܶըtc!LA T7V4Jsū I-0Pxz7QNF_iZgúWkG83 0eWr9 X]㾮݁#Jˢ C}0=3ݱtBi]_ &{{[/o[~ \q鯜00٩|cD3=4B_b RYb$óBRsf&lLX#M*C_L܄:gx)WΘsGSbuL rF$9';\4Ɍq'n[%p.Q`u hNb`eCQyQ|l_C>Lb꟟3hSb #xNxSs^ 88|Mz)}:](vbۢamŖ࿥ 0)Q7@0=?^k(*J}3ibkFn HjB׻NO z x}7p 0tfDX.lwgȔhԾŲ }6g E |LkLZteu+=q\Iv0쮑)QٵpH8/2?Σo>Jvppho~f>%bMM}\//":PTc(v9v!gոQ )UfVG+! 35{=x\2+ki,y$~A1iC6#)vC5^>+gǵ@1Hy٪7u;p psϰu/S <aʸGu'tD1ԝI<pg|6j'p:tպhX{o(7v],*}6a_ wXRk,O]Lܳ~Vo45rp"N5k;m{rZbΦ${#)`(Ŵg,;j%6j.pyYT?}-kBDc3qA`NWQū20/^AZW%NQ MI.X#P#,^Ebc&?XR tAV|Y.1!؅⨉ccww>ivl(JT~ u`ٵDm q)+Ri x/x8cyFO!/*!/&,7<.N,YDŽ&ܑQF1Bz)FPʛ?5d 6`kQձ λc؎%582Y&nD_$Je4>a?! ͨ|ȎWZSsv8 j(I&yj Jb5m?HWp=g}G3#|I,5v珿] H~R3@B[☉9Ox~oMy=J;xUVoj bUsl_35t-(ՃɼRB7U!qc+x4H_Qo֮$[GO<4`&č\GOc[.[*Af%mG/ ňM/r W/Nw~B1U3J?P&Y )`ѓZ1p]^l“W#)lWZilUQu`-m|xĐ,_ƪ|9i:_{*(3Gѧ}UoD+>m_?VPۅ15&}2|/pIOʵ> GZ9cmíتmnz)yߐbD >e}:) r|@R5qVSA10C%E_'^8cR7O;6[eKePGϦX7jb}OTGO^jn*媓7nGMC t,k31Rb (vyܴʭ!iTh8~ZYZp(qsRL ?b}cŨʊGO^!rPJO15MJ[c&~Z`"ѓޔH1C&^|Ш|rʼ,AwĴ?b5)tLU)F| &g٣O]oqSUjy(x<Ϳ3 .FSkoYg2 \_#wj{u'rQ>o;%n|F*O_L"e9umDds?.fuuQbIWz |4\0 sb;OvxOSs; G%T4gFRurj(֍ڑb uԖKDu1MK{1^ q; C=6\8FR艇!%\YÔU| 88m)֓NcLve C6z;o&X x59:q61Z(T7>C?gcļxѐ Z oo-08jہ x,`' ҔOcRlf~`jj".Nv+sM_]Zk g( UOPyεx%pUh2(@il0ݽQXxppx-NS( WO+轾 nFߢ3M<;z)FBZjciu/QoF 7R¥ ZFLF~#ȣߨ^<쩡ݛкvџ))ME>ώx4m#!-m!L;vv#~Y[đKmx9.[,UFS CVkZ +ߟrY٧IZd/ioi$%͝ب_ֶX3ܫhNU ZZgk=]=bbJS[wjU()*I =ώ:}-蹞lUj:1}MWm=̛ _ ¾,8{__m{_PVK^n3esw5ӫh#$-q=A̟> ,^I}P^J$qY~Q[ Xq9{#&T.^GVj__RKpn,b=`żY@^՝;z{paVKkQXj/)y TIc&F;FBG7wg ZZDG!x r_tƢ!}i/V=M/#nB8 XxЫ ^@CR<{䤭YCN)eKOSƟa $&g[i3.C6xrOc8TI;o hH6P&L{@q6[ Gzp^71j(l`J}]e6X☉#͕ ׈$AB1Vjh㭦IRsqFBjwQ_7Xk>y"N=MB0 ,C #o6MRc0|$)ف"1!ixY<B9mx `,tA>)5ػQ?jQ?cn>YZe Tisvh# GMމȇp:ԴVuږ8ɼH]C.5C!UV;F`mbBk LTMvPʍϤj?ԯ/Qr1NB`9s"s TYsz &9S%U԰> {<ؿSMxB|H\3@!U| k']$U+> |HHMLޢ?V9iD!-@x TIî%6Z*9X@HMW#?nN ,oe6?tQwڱ.]-y':mW0#!J82qFjH -`ѓ&M0u Uγmxϵ^-_\])@0Rt.8/?ٰCY]x}=sD3ojަЫNuS%U}ԤwHH>ڗjܷ_3gN q7[q2la*ArǓԖ+p8/RGM ]jacd(JhWko6ڎbj]i5Bj3+3!\j1UZLsLTv8HHmup<>gKMJj0@H%,W΃7R) ">c, xixј^ aܖ>H[i.UIHc U1=yW\=S*GR~)AF=`&2h`DzT󑓶J+?W+}C%P:|0H܆}-<;OC[~o.$~i}~HQ TvXΈr=b}$vizL4:ȰT|4~*!oXQR6Lk+#t/g lԁߖ[Jڶ_N$k*". xsxX7jRVbAAʯKҎU3)zSNN _'s?f)6X!%ssAkʱ>qƷb hg %n ~p1REGMHH=BJiy[<5 ǁJҖgKR*倳e~HUy)Ag,K)`Vw6bRR:qL#\rclK/$sh*$ 6덤 KԖc 3Z9=Ɣ=o>X Ώ"1 )a`SJJ6k(<c e{%kϊP+SL'TcMJWRm ŏ"w)qc ef꒵i?b7b('"2r%~HUS1\<(`1Wx9=8HY9m:X18bgD1u ~|H;K-Uep,, C1 RV.MR5άh,tWO8WC$ XRVsQS]3GJ|12 [vM :k#~tH30Rf-HYݺ-`I9%lIDTm\ S{]9gOڒMNCV\G*2JRŨ;Rҏ^ڽ̱mq1Eu?To3I)y^#jJw^Ńj^vvlB_⋌P4x>0$c>K†Aļ9s_VjTt0l#m>E-,,x,-W)سo&96RE XR.6bXw+)GAEvL)͞K4$p=Ũi_ѱOjb HY/+@θH9޼]Nԥ%n{ &zjT? Ty) s^ULlb,PiTf^<À] 62R^V7)S!nllS6~͝V}-=%* ʻ>G DnK<y&>LPy7'r=Hj 9V`[c"*^8HpcO8bnU`4JȪAƋ#1_\ XϘHPRgik(~G~0DAA_2p|J묭a2\NCr]M_0 ^T%e#vD^%xy-n}-E\3aS%yN!r_{ )sAw ڼp1pEAk~v<:`'ӭ^5 ArXOI驻T (dk)_\ PuA*BY]yB"l\ey hH*tbK)3 IKZ򹞋XjN n *n>k]X_d!ryBH ]*R 0(#'7 %es9??ښFC,ՁQPjARJ\Ρw K#jahgw;2$l*) %Xq5!U᢯6Re] |0[__64ch&_}iL8KEgҎ7 M/\`|.p,~`a=BR?xܐrQ8K XR2M8f ?`sgWS%" Ԉ 7R%$ N}?QL1|-эټwIZ%pvL3Hk>,ImgW7{E xPHx73RA @RS CC !\ȟ5IXR^ZxHл$Q[ŝ40 (>+ _C >BRt<,TrT {O/H+˟Pl6 I B)/VC<6a2~(XwV4gnXR ϱ5ǀHٻ?tw똤Eyxp{#WK qG%5],(0ӈH HZ])ג=K1j&G(FbM@)%I` XRg ʔ KZG(vP,<`[ Kn^ SJRsAʠ5xՅF`0&RbV tx:EaUE/{fi2;.IAwW8/tTxAGOoN?G}l L(n`Zv?pB8K_gI+ܗ #i?ޙ.) p$utc ~DžfՈEo3l/)I-U?aԅ^jxArA ΧX}DmZ@QLےbTXGd.^|xKHR{|ΕW_h] IJ`[G9{).y) 0X YA1]qp?p_k+J*Y@HI>^?gt.06Rn ,` ?);p pSF9ZXLBJPWjgQ|&)7! HjQt<| ؅W5 x W HIzYoVMGP Hjn`+\(dNW)F+IrS[|/a`K|ͻ0Hj{R,Q=\ (F}\WR)AgSG`IsnAR=|8$}G(vC$)s FBJ?]_u XRvύ6z ŨG[36-T9HzpW̞ú Xg큽=7CufzI$)ki^qk-) 0H*N` QZkk]/tnnsI^Gu't=7$ Z;{8^jB% IItRQS7[ϭ3 $_OQJ`7!]W"W,)Iy W AJA;KWG`IY{8k$I$^%9.^(`N|LJ%@$I}ֽp=FB*xN=gI?Q{٥4B)mw $Igc~dZ@G9K X?7)aK%݅K$IZ-`IpC U6$I\0>!9k} Xa IIS0H$I H ?1R.Чj:4~Rw@p$IrA*u}WjWFPJ$I➓/6#! LӾ+ X36x8J |+L;v$Io4301R20M I$-E}@,pS^ޟR[/s¹'0H$IKyfŸfVOπFT*a$I>He~VY/3R/)>d$I>28`Cjw,n@FU*9ttf$I~<;=/4RD~@ X-ѕzἱI$: ԍR a@b X{+Qxuq$IЛzo /~3\8ڒ4BN7$IҀj V]n18H$IYFBj3̵̚ja pp $Is/3R Ӻ-Yj+L;.0ŔI$Av? #!5"aʄj}UKmɽH$IjCYs?h$IDl843.v}m7UiI=&=0Lg0$I4: embe` eQbm0u? $IT!Sƍ'-sv)s#C0:XB2a w I$zbww{."pPzO =Ɔ\[ o($Iaw]`E).Kvi:L*#gР7[$IyGPI=@R 4yR~̮´cg I$I/<tPͽ hDgo 94Z^k盇΄8I56^W$I^0̜N?4*H`237}g+hxoq)SJ@p|` $I%>-hO0eO>\ԣNߌZD6R=K ~n($I$y3D>o4b#px2$yڪtzW~a $I~?x'BwwpH$IZݑnC㧄Pc_9sO gwJ=l1:mKB>Ab<4Lp$Ib o1ZQ@85b̍ S'F,Fe,^I$IjEdù{l4 8Ys_s Z8.x m"+{~?q,Z D!I$ϻ'|XhB)=…']M>5 rgotԎ 獽PH$IjIPhh)n#cÔqA'ug5qwU&rF|1E%I$%]!'3AFD/;Ck_`9 v!ٴtPV;x`'*bQa w I$Ix5 FC3D_~A_#O݆DvV?<qw+I$I{=Z8".#RIYyjǪ=fDl9%M,a8$I$Ywi[7ݍFe$s1ՋBVA?`]#!oz4zjLJo8$I$%@3jAa4(o ;p,,dya=F9ً[LSPH$IJYЉ+3> 5"39aZ<ñh!{TpBGkj}Sp $IlvF.F$I z< '\K*qq.f<2Y!S"-\I$IYwčjF$ w9 \ߪB.1v!Ʊ?+r:^!I$BϹB H"B;L'G[ 4U#5>੐)|#o0aڱ$I>}k&1`U#V?YsV x>{t1[I~D&(I$I/{H0fw"q"y%4 IXyE~M3 8XψL}qE$I[> nD?~sf ]o΁ cT6"?'_Ἣ $I>~.f|'!N?⟩0G KkXZE]ޡ;/&?k OۘH$IRۀwXӨ<7@PnS04aӶp.:@\IWQJ6sS%I$e5ڑv`3:x';wq_vpgHyXZ 3gЂ7{{EuԹn±}$I$8t;b|591nءQ"P6O5i }iR̈́%Q̄p!I䮢]O{H$IRϻ9s֧ a=`- aB\X0"+5"C1Hb?߮3x3&gşggl_hZ^,`5?ߎvĸ%̀M!OZC2#0x LJ0 Gw$I$I}<{Eb+y;iI,`ܚF:5ܛA8-O-|8K7s|#Z8a&><a&/VtbtLʌI$I$I$I$I$I$IRjDD%tEXtdate:create2022-05-31T04:40:26+00:00!Î%tEXtdate:modify2022-05-31T04:40:26+00:00|{2IENDB`Mini Shell

HOME


Mini Shell 1.0
DIR:/scripts/
Upload File :
Current File : //scripts/maintenance
#!/usr/local/cpanel/3rdparty/bin/perl

# cpanel - scripts/maintenance                     Copyright 2022 cPanel, L.L.C.
#                                                           All rights reserved.
# copyright@cpanel.net                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited

package scripts::maintenance;

use strict;
use warnings;

use Try::Tiny;

use Cpanel::iContact::Class::Update::EndOfLife     ();
use Cpanel::AccessIds                              ();
use Cpanel::Binaries                               ();
use Cpanel::TimeHiRes                              ();
use Cpanel::Config::LoadCpConf                     ();
use Cpanel::ConfigFiles                            ();
use Cpanel::Cron::Utils                            ();
use Cpanel::Crypt::GPG::Settings                   ();
use Cpanel::Crypt::GPG::VendorKeys::TimestampCache ();
use Cpanel::Env                                    ();
use Cpanel::IOCallbackWriteLine                    ();
use Cpanel::MysqlUtils::Version                    ();
use Cpanel::Notify                                 ();
use Cpanel::OS                                     ();
use Cpanel::Rand::Get                              ();
use Cpanel::RPM::Versions::Directory               ();
use Cpanel::SafeRun::Object                        ();
use Cpanel::SafeRun::BG                            ();
use Cpanel::Server::Type                           ();
use Cpanel::ServerTasks                            ();
use Cpanel::Services::Enabled                      ();
use Cpanel::Sync::CheckRestore                     ();
use Cpanel::Update::Config                         ();
use Cpanel::Config::Crontab                        ();
use Cpanel::Update::Logger                         ();
use IO::Handle                                     ();
use IO::Select                                     ();

# hash we'll use to process each request
our $RPM_IS_BROKEN             = 0;
our $_UPGRADE_IN_PROGRESS_FILE = '/usr/local/cpanel/upgrade_in_progress.txt';
my $DRY_RUN;

our $SQLITE_AUTO_REBUILD_LAST_RAN_FILE = '/var/cpanel/.last_ran_sqlite_auto_rebuild_from_maintenance';

# Internal documentation: https://cpanel.wiki/x/zwwFAw
sub script {
    my ( $class, @args ) = @_;

    if ( $> != 0 ) {
        print "This cPanel maintenance script must be run as root, not uid $>.\n";
        return 2;
    }

    umask(0022);
    my $security_token = $ENV{'cp_security_token'} || '';

    # default pcent when none are defined
    my $starting_pbar  = 0;
    my $finishing_pbar = 100;

    # in case we are called before and outside of upcp
    setupenv();

    my $only_run;

    # create a default logfile path, if called from upcp, use the log it passes
    my $now          = time();
    my $logfile_path = '/var/cpanel/updatelogs/maintenance' . $now . '.log';

    my $custom_pbar;

    foreach my $arg (@args) {
        if ( $arg =~ m/^--log\=(.*)/ ) {
            $logfile_path = $1;
        }
        elsif ( $arg =~ m/^--pbar-start=([0-9]+)/ ) {
            $custom_pbar   = 1;
            $starting_pbar = int($1);
        }
        elsif ( $arg =~ m/^--pbar-stop=([0-9]+)/ ) {
            $custom_pbar    = 1;
            $finishing_pbar = int($1);
        }
        elsif ( $arg =~ m/^--dry-run$/ ) {    # no doc required: dev only
            $DRY_RUN = 1;
        }
        elsif ( $arg =~ m/^--pre$/ ) {        # no doc required: upcp only
            $only_run = 'pre';
        }
        elsif ( $arg =~ m/^--post$/ ) {       # no doc required: upcp only
            $only_run = 'post';
        }
        elsif ( $arg =~ m/^--help/ ) {
            return usage();
        }
    }

    open( STDERR, ">&STDOUT" );
    $| = 1;

    # when start pbar is unset progress bar is not displayed
    setup_logger( $logfile_path, $custom_pbar ? $starting_pbar : undef );

    # helper which normalize all percentage to be in [ $starting_pbar .. $finishing_pbar ]
    #    the only thing that we should care are the capping values which should be between [ 0..100 ]
    my $increment_pbar;    # initialize later as we can count how many tasks to run

    my $do_progress_bar = sub {
        my (@args) = @_;
        return bless sub { $increment_pbar->(@args) }, 'PBAR';
    };

    #############################################################################
    # maintenance actions are split in 2 groups: pre and post
    # by default maintenance is going to run both groups: pre than post
    # /scripts/maintenance is similar to run
    #   1. ~maintenance --pre
    #   2. ~maintenance --post
    # but we can now run only one of these groups, this allow to run post_sync_cleanup earlier during upcp
    # /scripts/upcp is going to use maintenance script using 2 different calls
    #   1. update.now
    #   2. maintenance --pre
    #   3. post_sync_cleanup
    #   4. maintenance --post

    my $blocks = { pre => [], post => [] };

    # This is the only pre block in this script. Only things that MUST happen before post_sync_cleanup should live here.
    push @{ $blocks->{'pre'} }, (
        show_status('Assuring needed symlinks in 3rdparty/bin are in place.'),
        '/usr/local/cpanel/scripts/link_3rdparty_binaries',

        show_status('Setting clock'),
        '/usr/local/cpanel/scripts/rdate',

        # Process any possibly pending PHP PEAR updates from cpanel-php pear RPMs in the background,
        # as they should have already been installed during update.now
        action_update_pear_registry_in_the_background(),

        action_set_up_dns_resolver_workarounds(),
        action_background_refresh_dkim_validity_cache(),

        action_find_and_fix_rpm_issues(),    # set RPM_IS_BROKEN (at run time): used by sysup and check_cpanel_pkgs
        action_install_els(),
        action_update_packages(),
        action_ensure_mysql_upgrade_hook(),

    );

    push @{ $blocks->{'post'} }, (

        show_status('Purging cpupdate.conf of invalid entries'),
        \&purge_cpupdate_conf,
        \&purge_upcp_logs,

        action_updatesigningkey(),
        action_sysup(),

        #We do it right after post sync cleanup and sysup
        #to ensure cPanel services have been restarted before we
        #do any system ones so that they can access cPanel
        #and monitor the system while the system services are
        #being restarted.
        show_status('Restarting any outdated services'),
        $ENV{'CPANEL_BASE_INSTALL'} ? () : ( run( '/usr/local/cpanel/scripts/find_outdated_services --auto', { exit_ok => [1] } ) ),    # Base install does this in the background before upcp

        action_vps_optimizer(),                                                                                                         # not on dnsonly
        show_status('Checking for a valid C Compiler.'),
        '/usr/local/cpanel/scripts/checkccompiler',
        action_build_locale_databases(),
        show_status('Migrating feature lists to current version (if needed)'),
        '/usr/local/cpanel/bin/migrate_all_feature_lists_to_current',

        show_status('Checking for main IP changes'),
        '/usr/local/cpanel/scripts/mainipcheck',

        show_status('Updating neighbor netblocks'),
        '/usr/local/cpanel/scripts/update_neighbor_netblocks',

        show_status('Updating known proxy ips'),
        '/usr/local/cpanel/scripts/update_known_proxy_ips',

        show_status('Validating server hostname'),

        # No need to check this on a fresh install since we already validate in the installer
        ( $ENV{'CPANEL_BASE_INSTALL'} ? () : ('/usr/local/cpanel/scripts/check_valid_server_hostname --notify') ),

        show_status('Validating cPanel system users'),
        '/usr/local/cpanel/scripts/checkusers',
        action_fixrndc(),
        action_init_wwwacct_conf(),
        action_ipaliases(),
        action_check_cpanel_pkgs(),
        show_status('Running env auto repair'),
        '/usr/local/cpanel/scripts/vzzo-fixer',
        '/usr/local/cpanel/scripts/quota_auto_fix',
        '/usr/local/cpanel/scripts/clear_orphaned_virtfs_mounts --inactiveonly',
        '/usr/local/cpanel/scripts/disable_prelink',
        show_status('Cleaning up orphaned filesystem quotas'),
        '/usr/local/cpanel/scripts/cleanquotas',
        ( $ENV{'CPANEL_BASE_INSTALL'} ? () : ('/usr/local/cpanel/scripts/autorepair autorepair') ),
        '/usr/local/cpanel/scripts/purge_old_config_caches',
        '/usr/local/cpanel/scripts/cleansessions',
        '/usr/local/cpanel/scripts/checkbashshell',
        action_passwd(),
        \&setupcrontab,
        '/usr/local/cpanel/scripts/dnsqueuecron',
        show_status('Rebuild WHM chrome cache'),
        '/usr/local/cpanel/scripts/rebuild_whm_chrome',

        # checkallsslcerts needs to run on DNSONLY
        # because we need an ssl cert for dovecot for it to startup

        # Ensure /var/cpanel/ssl/*-SIGNATURE_CHAIN_VERIFIED and
        #  /var/cpanel/ssl/*-NO_AFTER is updated so Cpanel::Redirect
        #  can make good descisions.  This also ensures that
        #  admins get timely notice of the expire time being
        #  reached on their ssl certificates.
        action_checkallsslcerts(),

        show_status('Purging invalid or soon-to-expire Domain TLS entries for service domains'),
        '/usr/local/cpanel/scripts/check_domain_tls_service_domains.pl --prune',

        show_status('Cleaning up temporary wheel/sudo users'),
        '/usr/local/cpanel/scripts/clean_up_temp_wheel_users',
    );

    if ( !Cpanel::Server::Type::is_dnsonly() ) {
        push @{ $blocks->{'post'} }, (
            action_sprite_generator(),
            action_update_rdns_ips_cache(),
            show_status('Updating services and databases'),
            '/usr/local/cpanel/scripts/listcheck',
            action_purge_modsec(),
            ( $ENV{'CPANEL_BASE_INSTALL'} ? () : ( action_ftpquotacheck() ) ),
            '/usr/local/cpanel/scripts/updateuserdomains',

            '/usr/local/cpanel/bin/empty_user_trash --quiet --all',
            '/usr/local/cpanel/bin/empty_user_horde_temp_files --quiet --all',
            '/usr/local/cpanel/scripts/build_maxemails_config',
            '/usr/local/cpanel/scripts/updateuserdatacache --force',

            show_status('Checking system maxmem setting'),
            '/usr/local/cpanel/scripts/check_maxmem_against_domains_count --always-fix',

            show_status('Running various cleanup scripts'),
            '/usr/local/cpanel/scripts/resetmailmanurls',
            show_status('Checking MySQL to ensure we can connect'),
            (    # Base install does this in the background before upcp
                $ENV{'CPANEL_BASE_INSTALL'} ? () : (
                    '/usr/local/cpanel/scripts/mysqlconnectioncheck'    # POST or leave it there ??
                                                                        # We must update the rules before we compile them
                )
            ),
            action_update_spamassassin_rules(),
            show_status('Checking PostgreSQL to ensure we can connect'),
            '/usr/local/cpanel/bin/postgrescheck --check-auth --reset-pass-on-fail',    # POST or leave it there ??
            action_repair_mailman(),
            action_repair_mysql(),
            show_status('Running sanity checks and notifications'),                     # status update
            '/usr/local/cpanel/scripts/chkpaths',
            '/usr/local/cpanel/scripts/hackcheck',
            '/usr/local/cpanel/scripts/oopscheck',
            '/usr/local/cpanel/scripts/fixetchosts',
            '/usr/local/cpanel/scripts/check_unreliable_resolvers --notify',
            '/usr/local/cpanel/bin/is_script_stuck --script=autossl_check --time=3h --kill --notify=root',
            ( $ENV{'CPANEL_BASE_INSTALL'} ? () : ('/usr/local/cpanel/scripts/quotacheck') ),
            '/usr/local/cpanel/scripts/email_archive_maintenance',
            '/usr/local/cpanel/scripts/email_hold_maintenance',
            '/usr/local/cpanel/scripts/expunge_expired_certificates_from_sslstorage',
            '/usr/local/cpanel/scripts/notify_expiring_certificates',
            '/usr/local/cpanel/scripts/notify_expiring_certificates_on_linked_nodes',
            '/usr/local/cpanel/scripts/expunge_expired_transfer_sessions',
            '/usr/local/cpanel/scripts/expunge_expired_pkgacct_sessions',
            '/usr/local/cpanel/scripts/smartcheck',
            '/usr/local/cpanel/scripts/compilerscheck',
            '/usr/local/cpanel/scripts/check_mount_procfs',
            sqlite_auto_rebuild_if_needed(),
            '/usr/local/cpanel/scripts/setup_modsec_db',
            '/usr/local/cpanel/scripts/modsec_vendor update --auto',
            '/usr/local/cpanel/bin/check_cpstore_in_sync_with_local_storage',

            action_purge_dead_comet_files(),
            action_update_freshclam(),

            show_status('Restoring compiler permissions'),
            '/usr/local/cpanel/scripts/compilers restore',

            show_status('Cleaning up mailbox trash'),
            '/usr/local/cpanel/scripts/dovecot_maintenance --background',

            show_status('Checking MySQL Version'),
            sub { check_mysql_version() },

            show_status('Cleaning up root datastores and caches'),
            '/usr/local/cpanel/bin/clean-datastores --background root',
        );

    }    # end !dnsonly

    push @{ $blocks->{'post'} }, (
        action_buildexim(),
        action_eximstats(),
        action_exim_purge_old_tracker_files(),
        sub { Cpanel::Sync::CheckRestore::check_and_restore("img-sys/powered_by_cpanel.svg") },
        action_cleanup_signature(),
        action_enable_onboot_handler(),
    );

    if ( !Cpanel::Server::Type::is_dnsonly() ) {    # not dnsonly

        push @{ $blocks->{'post'} }, (
            (
                $ENV{'CPANEL_BASE_INSTALL'} ? () : (
                    show_status('Cleaning SpamAssassin DBM files'),
                    '/usr/local/cpanel/scripts/spamassassin_dbm_cleaner'
                )
            ),
            show_status('Cleaning Roundcube attachment directory'),
            \&clean_roundcube_attachment_directory,

            (
                # This was causing an OOM on fresh install on the
                # $5/mo DO instance
                # There will be no one to notify on a fresh install
                # and this will run a few hours after the install
                # anyways
                $ENV{'CPANEL_BASE_INSTALL'} ? () : (
                    show_status('Checking for new security advice'),
                    '/usr/local/cpanel/scripts/check_security_advice_changes --notify --background',
                )
            ),

            show_status('Running former postinstall scripts'),
            '/usr/local/cpanel/bin/dcpumon --killproc',
            '/usr/local/cpanel/bin/setupdbmap',
            '/usr/local/cpanel/bin/fix_userdata_perms',
            '/usr/local/cpanel/scripts/detect_env_capabilities',
            (    # Base install does this in the background before upcp
                $ENV{'CPANEL_BASE_INSTALL'} ? () : (
                    show_status('Updating cPGreyList Common Mail Providers'),
                    '/usr/local/cpanel/scripts/manage_greylisting --init --update_common_mail_providers'
                )
            ),

            show_status('Checking for deprecated PHP local.ini'),
            '/usr/local/cpanel/scripts/migrate_local_ini_to_php_ini --run --verbose',

            show_status('Ensuring an "Active" MySQL profile is set'),
            \&ensure_active_mysql_profile_is_present,
            run( '/usr/local/cpanel/scripts/check_mysql', { 'exit_ok' => [ 2, 255 ] } ),
            action_cloudlinux_update(),

            show_status('Updating plugins data cache'),
            '/usr/local/cpanel/bin/refresh_plugin_cache',

            show_status('Ensuring SSL certificate information for CCS is up to date.'),
            '/usr/local/cpanel/scripts/ccs-check --run --ssl',

            show_status('Ensure cpanel-plugins yum repo exists'),
            \&_create_cpanel_plugins_repo,

            show_status('Checking Addon Licenses'),
            check_addon_licenses(),

            show_status('Updating Public Suffix List'),
            update_public_suffix_list(),

            show_status('Ensure required cpanel-plugins are installed and updated.'),
            \&_install_or_upgrade_plugin_packages,
        );

    }

    push @{ $blocks->{'post'} }, (
        show_status('Checking End Of Life for current version.'),
        \&check_end_of_life,
    );

    my $maintenance_complete = Cpanel::Server::Type::is_dnsonly() ? q{DNSONLY maintenance complete.} : q{Maintenance complete.};

    # build the todo list depending which block we want to run
    #   default = pre + post

    my @todo = ( @{ $blocks->{'pre'} }, @{ $blocks->{'post'} } );    # Remove the todo once done
    if ( $only_run && ref $blocks->{$only_run} ) {
        @todo = @{ $blocks->{$only_run} };
        $maintenance_complete .= " [state=$only_run]";
    }

    # we have now reach 100%, move the progress bar
    push @todo, (
        $do_progress_bar->( complete => 1 ),
        show_status("\n\n$maintenance_complete\n"),
    );

    # how many actions do we have to run which are neither a status nor a pbar item
    my $total_actions = grep { my $ref = ref $_; $ref ne 'PBAR' && $ref !~ /Action::(?:Status|Command)/ } @todo;

    # initialize progress bar with: from % to % and number of elements
    $increment_pbar = increment_pbar( $starting_pbar, $finishing_pbar, $total_actions );

    run_actions( \@todo, $increment_pbar );

    return logger()->get_need_notify() ? 1 : 0;
}

sub check_end_of_life {    # EOL

    # Send a notification if this version is nearing end of life
    local $@;
    eval {
        open my $mainip_fh, '<', '/var/cpanel/mainip' or die "Can't open < /var/cpanel/mainip: $!";
        my $ip = <$mainip_fh>;
        close $mainip_fh;
        chomp $ip;

        my $icontact_class = 'Update::EndOfLife';
        Cpanel::Notify::notification_class(
            constructor_args => [ origin => 'upcp', source_ip_address => $ip ],
            map { $_ => $icontact_class } qw(class application),
        );
        1;
    } or logger()->warning("Error while checking end of life: $@");

    return;
}

sub sqlite_auto_rebuild_if_needed {
    return if !_is_saturday_or_sunday();

    #If the touch file is newer than the current time
    #we assume the system had a clock issue and run.
    my $now      = time();
    my $last_ran = ( stat $SQLITE_AUTO_REBUILD_LAST_RAN_FILE )[9] || 0;
    return if $last_ran < $now && $now < ( $last_ran + ( 5 * 86400 ) );

    do { open( my $fh, '>', $SQLITE_AUTO_REBUILD_LAST_RAN_FILE ) or warn "open($SQLITE_AUTO_REBUILD_LAST_RAN_FILE): $!" };

    #This gets a longer timeout because on heavily populated
    #servers it can take over an hour to finish.
    return run(
        '/usr/local/cpanel/scripts/perform_sqlite_auto_rebuild_db_maintenance',
        {
            timeout => 10000,
        },
    );
}

#mocked in tests
sub _is_saturday_or_sunday {

    #Only run on Saturday or Sunday
    my $wday = (localtime)[6];
    return ( ( $wday == 0 ) || ( $wday == 6 ) );
}

our %touch_file_mock;    # Used to fake if touch files are present.

sub touch_file_exists {
    my ($file) = @_;
    $file or return;

    # Provide an easy way to mock file existance.
    return $touch_file_mock{$file} if exists $touch_file_mock{$file};

    return -e $file;
}

sub file_is_executable {
    my $file = shift;

    # for now use the same mock hash
    return $touch_file_mock{$file} if exists $touch_file_mock{$file};
    return -x $file;
}

sub populated_touch_file_exists {
    my ($file) = @_;
    $file or return;

    # Provide an easy way to mock file existance.
    return $touch_file_mock{$file} if exists $touch_file_mock{$file};

    return -e $file && !-z _;
}

################################################################
####[ Subroutines ]#############################################
################################################################

sub run_action {    # avoid to use array ref when using it from a single action
    my (@todo) = @_;
    return run_actions( \@todo );
}

sub run_actions {
    my ( $todo, $increment_pbar ) = @_;
    die unless ref $todo;
    foreach my $cmd (@$todo) {
        my $start_time = Cpanel::TimeHiRes::time();
        my $type       = ref $cmd;
        my $action     = {};

        if ( $type eq 'Action::Command' ) {
            $action = {%$cmd};
            $cmd    = $action->{'cmd'};
        }
        elsif ( $type eq 'Action::Status' ) {
            $action = { status => $cmd->[0] };
            $cmd    = undef;
        }
        elsif ($type) {
            if ( $type eq 'CODE' ) {
                if ($DRY_RUN) {
                    print "[dry-run mode] CodeRef\n";
                }
                else {
                    # custom cases with some extra code around the action
                    #   let them do what they want
                    local $@;

                    # Ensure that we do not allow a single action to
                    # cause the entire script to fail.
                    eval { $cmd->(); };
                    warn if $@;
                }
                $increment_pbar->() if ref $increment_pbar;
                my $runtime = sprintf( "%0.3f", Cpanel::TimeHiRes::time() - $start_time );
                logger()->info(" - Finished in $runtime seconds");
            }
            elsif ( $type eq 'PBAR' ) {
                $cmd->();
            }

            next;
        }
        $action->{cmd} = [ split( /\s+/, $cmd ) ] if $cmd;
        process($action);
        my $runtime = sprintf( "%0.3f", Cpanel::TimeHiRes::time() - $start_time );
        logger()->info(" - Finished command `$cmd` in $runtime seconds") if $cmd;
        $increment_pbar->()                                              if ref $increment_pbar;
    }

    return;
}

sub show_status {
    my $msg = shift;
    return unless defined $msg or length $msg;

    my $status = [$msg];
    bless $status, 'Action::Status';

    return $status;
}

sub run {
    my ( $cmd, $options ) = @_;

    my $status = { %$options, cmd => $cmd };
    bless $status, 'Action::Command';

    return $status;
}

sub process {
    my ($action) = @_;

    $action->{'status'} = '' if !defined $action->{'status'};
    if ( length( $action->{'status'} ) ) {
        logger()->info("Processing: $action->{'status'}");
        return;
    }

    my @cmd = @{ $action->{'cmd'} };

    if ($DRY_RUN) {
        print "[dry-run mode] " . join( ' ', @cmd, "\n" );
        return;
    }
    logger()->info(" - Processing command `@cmd`");

    my ( $program, @args ) = @cmd;

    my $logger = logger();
    my $run    = eval {
        Cpanel::SafeRun::Object->new(
            'program' => $program,
            'args'    => \@args,
            'stdout'  => Cpanel::IOCallbackWriteLine->new(
                sub {
                    $logger->info("   [$program] $_[0]");
                }
            )
        );
    };

    $? = -1;    ## no critic qw(Variables::RequireLocalizedPunctuationVars) -- needed for compat
    if ($@) {
        logger()->error( "   [$program] $@", 1 );
        logger()->set_need_notify();
        return;
    }

    $? = $run->CHILD_ERROR();    ## no critic qw(Variables::RequireLocalizedPunctuationVars) -- needed for compat
    if ( my $exit = $run->CHILD_ERROR() ) {
        $exit >>= 8;
        return if $exit && $action->{'exit_ok'} && grep { $exit == $_ } @{ $action->{'exit_ok'} };
        if ( my $stderr = $run->stderr() ) {
            foreach my $line ( split( m{\n}, $stderr ) ) {
                logger()->error( "   [$program] " . $line );
            }
        }
        logger()->error( "   [$program] " . $run->autopsy(), 1 );
        logger()->set_need_notify();
        return;
    }

}

# list of actions which need some extra logic or being postponed

sub action_vps_optimizer {
    return if Cpanel::Server::Type::is_dnsonly();    # idea move this check to the script itself
    return (
        show_status('Running platform specific optimizations'),
        '/usr/local/cpanel/scripts/vps_optimizer'
    );
}

sub action_update_spamassassin_rules {
    return if $ENV{'CPANEL_BASE_INSTALL'};
    return unless Cpanel::Update::Config::is_permitted( 'SARULESUP', get_update_conf() );
    return sub {
        return run_action(
            show_status('Updating Apache SpamAssassin™ rules'),
            background_update_spamassassin_rules(),
        );
    };

}

sub action_update_rdns_ips_cache {
    return sub {
        return run_action(
            show_status('Updating Reverse DNS Cache'),
            background_update_rdns_ips_cache(),
        );
    };

}

sub background_update_rdns_ips_cache {
    return sub {
        warn if !eval { Cpanel::ServerTasks::queue_task( ['DNSTasks'], "update_reverse_dns_cache" );    1; };
        warn if !eval { Cpanel::ServerTasks::schedule_task( ['CpDBTasks'], 600, "update_userdomains" ); 1; };
    };
}

sub background_update_spamassassin_rules {
    return sub {
        warn if !eval { Cpanel::ServerTasks::queue_task( ['SpamassassinTasks'], 'update_spamassassin_rules' ); 1 };
    };
}

sub background_sprite_generator {
    return sub {
        eval { Cpanel::ServerTasks::queue_task( ['SpriteTasks'], 'sprite_generator' ); };
    };
}

sub action_set_up_dns_resolver_workarounds {
    return sub {
        return run_action(
            show_status('Setting up resolver workarounds'),
            background_set_up_dns_resolver_workarounds(),
        );
    };

}

sub background_set_up_dns_resolver_workarounds {
    return sub {
        warn if !eval { Cpanel::ServerTasks::queue_task( ['DNSTasks'], "set_up_dns_resolver_workarounds" ); 1; };
    };
}

sub action_sprite_generator {
    return sub {
        return run_action(
            show_status('Rebuilding sprites'),
            background_sprite_generator(),
        );
    };
}

sub background_freshclam {
    return sub {
        eval { Cpanel::ServerTasks::queue_task( ['ClamTasks'], 'freshclam --quiet -l /var/log/clam-update.log' ); };
    };
}

sub action_background_refresh_dkim_validity_cache {
    return sub {
        eval { Cpanel::ServerTasks::queue_task( ['DKIMTasks'], 'refresh_entire_dkim_validity_cache' ); };
    };
}

sub action_update_freshclam {
    return sub {    # postpone the check if the binary is restored by RPM transaction
        my $freshclam_bin = Cpanel::Binaries::path('freshclam');
        return unless file_is_executable($freshclam_bin);

        return run_action(
            show_status('Updating virus patterns'),
            background_freshclam(),
        );
    }
}

sub action_purge_dead_comet_files {
    return (
        show_status('Purging old comet files'),
        '/usr/local/cpanel/bin/purge_dead_comet_files --quiet',
    );
}

sub action_update_packages {
    return sub {    # need RPM_IS_BROKEN to be set
        return unless Cpanel::Update::Config::is_permitted( 'RPMUP', get_update_conf() );
        return if $RPM_IS_BROKEN;

        return run_action(
            show_status('Running update-packages'),
            '/usr/local/cpanel/scripts/update-packages'
        );
    };
}

sub action_ensure_mysql_upgrade_hook {
    return sub {

        require Cpanel::MariaDB;

        my $config = scalar Cpanel::Config::LoadCpConf::loadcpconf();

        my $set_version = $config->{'mysql-version'};
        return if $set_version < 5.7;

        if ( Cpanel::MariaDB::version_is_mariadb($set_version) ) {
            require Cpanel::MariaDB::Install;

            my $mysql_install_obj = Cpanel::MariaDB::Install->new( 'output_obj' => logger() );
            $mysql_install_obj->install_upgrade_hook();
            return 1;
        }

        require Cpanel::Mysql::Install;

        my $mysql_install_obj = Cpanel::Mysql::Install->new( 'output_obj' => logger() );
        $mysql_install_obj->install_upgrade_hook();
        return 1;
    }
}

sub action_update_pear_registry_in_the_background {
    return sub {
        return Cpanel::SafeRun::BG::nooutputsystembg('/usr/local/cpanel/scripts/process_pending_cpanel_php_pear_registration');
    };
}

sub _create_cpanel_plugins_repo {
    warn if !eval {
        require Cpanel::Plugins::Repo;
        Cpanel::Plugins::Repo::install();
        1;
    };
    return;
}

sub _install_or_upgrade_plugin_packages {

    my @plugin_pkgs = ( 'cpanel-koality-plugin', 'cpanel-sitejet-plugin' );
    logger()->info("Checking for required cPanel & WHM plugins to install...");
    require Cpanel::Plugins;
    for my $pkg (@plugin_pkgs) {
        next if Cpanel::Plugins::is_plugin_installed($pkg);
        logger()->info("Installing the cPanel & WHM plugin $pkg.");
        eval { Cpanel::Plugins::install_plugins($pkg); };
        logger()->info($@) if $@;
    }

    return;
}

sub action_sysup {
    return if $ENV{'CPANEL_BASE_INSTALL'};    # This will already have been run on initial install
    return sub {                              # need RPM_IS_BROKEN to be set
        if ($RPM_IS_BROKEN) {
            logger()->error('RPM is not functioning. Skipping sysup.');
            return;
        }

        return run_action(
            show_status('Updating system packages: sysup'),
            '/usr/local/cpanel/scripts/sysup'
        );
    };
}

sub _find_and_fix_rpm_issue_script {    # for testing purpose
    return '/usr/local/cpanel/scripts/find_and_fix_rpm_issues';
}

sub background_install_els {
    return sub {
        Cpanel::ServerTasks::schedule_task( ['ELS'], 3600, 'install_els' );
    };
}

sub action_install_els {
    return sub {
        return if -e '/etc/els-release';    # ELS is already installed
        return if $RPM_IS_BROKEN;
        return unless Cpanel::OS::needs_els();
        return unless Cpanel::Server::Type::has_els();
        return run_action(
            show_status('Installing ELS'),
            background_install_els(),
        );
    };
}

sub action_find_and_fix_rpm_issues {
    return unless Cpanel::OS::is_rpm_based();

    return if $ENV{'CPANEL_BASE_INSTALL'};    # we will not get here if rpm is broken
    return sub {
        local $?;
        process( { 'status' => 'Checking RPM DB for corruption' } );
        process( { 'cmd'    => [ _find_and_fix_rpm_issue_script() ] } );

        if ( ( $? >> 8 ) > 0 ) {
            logger()->error('RPM is not functioning and automatic repair failed.');
            logger()->error('Tasks for update-packages, sysup, and check_cpanel_pkgs will be skipped.');
            $RPM_IS_BROKEN = 1;
        }

        return;
    };
}

sub action_updatesigningkey {

    # Update signing keys, if enabled.
    return unless Cpanel::Crypt::GPG::Settings::signature_validation_enabled();
    return (
        show_status('Updating cPanel signing keys.'),
        '/usr/local/cpanel/scripts/updatesigningkey'
    );
}

sub action_cloudlinux_update {

    return unless Cpanel::OS::supports_or_can_become_cloudlinux();

    return (
        show_status('Checking CloudLinux installation'),
        '/usr/local/cpanel/bin/cloudlinux_update',
    );
}

sub action_checkallsslcerts {

    # Base install does this in the background before upcp
    return if $ENV{'CPANEL_BASE_INSTALL'};

    my $max_delay_seconds = 18 * 60 * 60;                                                  # 18 hours
    my $bytes_to_get      = length($max_delay_seconds) + 1;
    my $rand_int          = Cpanel::Rand::Get::getranddata( $bytes_to_get, [ 0 .. 9 ] );
    my $delay_seconds     = $rand_int % $max_delay_seconds;

    # Should be between 1 and $max_delay_seconds
    # scheduling a task for 0 seconds will cause queueprocd to throw an error
    $delay_seconds++;

    return (
        show_status('Scheduling task to check service default SSL/TLS certificates'),
        sub {
            Cpanel::ServerTasks::schedule_task(
                ['ScriptTasks'],
                $delay_seconds,
                'run_script /usr/local/cpanel/bin/checkallsslcerts --allow-retry --verbose'
            );
        }
    );
}

sub action_build_locale_databases {
    return if $ENV{'CPANEL_BASE_INSTALL'};
    return (
        show_status('Ensuring locale databases are up to date'),
        sub {
            Cpanel::ServerTasks::schedule_task( ['LocaleTasks'], 300, "build_locale_databases" );
        }
    );
}

sub action_init_wwwacct_conf {
    return if touch_file_exists('/etc/wwwacct.conf');
    return (
        show_status('Creating account configuration file /etc/wwwacct.conf'),
        '/usr/local/cpanel/scripts/mkwwwacctconf',
    );
}

sub _var_named_path { return '/var/named' }    # for unit tests purpose

sub action_fixrndc {
    return if touch_file_exists('/etc/nameddisable') or touch_file_exists('/etc/binddisable');
    return if $ENV{'CPANEL_BASE_INSTALL'};                                                       # Base install does this in the background before upcp

    my $status = 'Checking and repairing nameserver config';
    if ( !touch_file_exists( _var_named_path() ) ) {
        return sub {
            mkdir( _var_named_path(), 0755 );    # probably safe to do it earlier and simplify this code

            return run_action(
                show_status($status),
                '/usr/local/cpanel/scripts/fixrndc -f',
            );
        };
    }

    return (
        show_status($status),
        '/usr/local/cpanel/scripts/fixrndc'
    );
}

sub action_ipaliases {
    return (
        show_status('Setting up IP aliases startup'),
        '/usr/local/cpanel/whostmgr/bin/setupipaliases',
    );
}

sub action_check_cpanel_pkgs {
    return if $ENV{'CPANEL_BASE_INSTALL'};
    return sub {    # need RPM_IS_BROKEN to be set
        my $cpconf = get_cpconf();
        if ($RPM_IS_BROKEN) {
            logger()->error('RPM is not functional. Skipping check_cpanel_pkgs.');
        }
        elsif ( $cpconf->{'maintenance_rpm_version_check'} ) {
            my $status        = 'Checking cPanel packages';
            my @rpmcheck_args = (qw{ --list-only --long-list --notify });
            my $its_a_weekday = _is_saturday_or_sunday() ? 0 : 1;
            if ( !$cpconf->{'maintenance_rpm_version_digest_check'} || $ENV{'CPANEL_BASE_INSTALL'} || $its_a_weekday ) {

                # the user doesn't want a digest check and we're not being forced into it #
                # In order to minimize server load and reduce install times we only do
                # a full digest check on the weekends if the user hasn't disabled it.
                $status .= ' (with no digest check or broken check)';
                push @rpmcheck_args, '--no-digest';
                push @rpmcheck_args, '--no-broken';
            }
            return run_action(
                show_status($status),
                join( ' ', '/usr/local/cpanel/scripts/check_cpanel_pkgs', @rpmcheck_args ),
            );
        }
        else {
            logger()->info('Skipping cPanel package check due to configuration');
        }
        return;
    };
}

sub action_ftpquotacheck {
    return unless Cpanel::Services::Enabled::is_enabled('ftp');
    return '/usr/local/cpanel/scripts/ftpquotacheck';
}

sub action_repair_mailman {
    return sub {    # postpone it as can binary can be there only once RPM is fixed
        my $cpconf = get_cpconf();
        return unless ( !$cpconf->{'skipmailman'} && file_is_executable("$Cpanel::ConfigFiles::MAILMAN_ROOT/bin/check_perms") );
        chdir("$Cpanel::ConfigFiles::MAILMAN_ROOT/bin");
        my $ok = run_action(
            show_status('Repairing Mailman Permissions'),
            './check_perms -f --noarchives',
        );
        chdir('/usr/local/cpanel');    # return where we should be ?
        return $ok;
    };
}

sub _mysqld_sh_path { return '/usr/local/etc/rc.d/mysqld.sh' }    # for unit test purpose only

sub action_repair_mysql {
    return unless touch_file_exists( _mysqld_sh_path() );
    return sub {
        unlink _mysqld_sh_path();
        return run_action(
            show_status('Repairing MySQL startup'),
            '/usr/local/cpanel/scripts/restartsrv mysql',
        );
    };
}

sub action_purge_modsec {
    return if $ENV{'CPANEL_BASE_INSTALL'};
    return '/usr/local/cpanel/scripts/purge_modsec_log';
}

# for unit test purpose only
sub _passwd_files_to_chmod {
    return [ '/etc/shadow.tmpeditlib', '/etc/master.passwd.tmpeditlib' ];
}

sub action_passwd {
    return sub {
        my $files = _passwd_files_to_chmod();

        # Quick security check on the tmpeditlib files in case they are there
        foreach my $f (@$files) {
            chmod( 0600, $f ) if touch_file_exists($f);
        }

        return;
    };
}

sub action_buildexim {
    return sub {    # postponed if the file is created/touched by one rpm (hook)... to preserve original behavior
        return
          if populated_touch_file_exists('/etc/exim.conf')
          and populated_touch_file_exists('/etc/exim.pl.local');

        # run only if one of the file is missing / empty
        return run_action(
            show_status('EXIM sanity checking'),
            '/usr/local/cpanel/scripts/buildeximconf --no_chown_spool',
        );
    };
}

sub action_eximstats {
    return sub {

        # Eximstats recover of /var/cpanel/sql/eximstats.sql, if it exists
        return unless touch_file_exists('/var/cpanel/sql/eximstats.sql');

        return run_action(
            show_status('Recovering data stored in /var/cpanel/sql/eximstats.sql'),
            '/usr/local/cpanel/scripts/restartsrv_eximstats'
        );

    };
}

# If eximstats is disabled, we need to handle clearing of old tracker files here.
sub action_exim_purge_old_tracker_files {
    return sub {
        my $cpconf = get_cpconf();
        return unless $cpconf->{'skipeximstats'} && $cpconf->{'skipeximstats'} eq '1';
        require Cpanel::EmailTracker::Purge;
        logger()->info('Purging old email tracker files');
        Cpanel::EmailTracker::Purge::purge_old_tracker_files();
        return;
    };
}

sub action_cleanup_signature {
    return (
        show_status('Cleaning Signature Timestamp Cache'),
        sub {
            my $sig_cache = Cpanel::Crypt::GPG::VendorKeys::TimestampCache->new();
            $sig_cache->cleanup_signature_cache();
            return;
        },
    );
}

sub action_enable_onboot_handler {
    return sub {

        # Ensure that the handler for code on reboot is enabled
        my $root_crontab = Cpanel::Cron::Utils::fetch_user_crontab('root');

        # Already enabled.
        return if $root_crontab =~ /\@reboot\s+\/usr\/local\/cpanel\/bin\/onboot_handler/;

        logger()->info("Enabling onboot_handler for root in cron");
        $root_crontab .= "\@reboot /usr/local/cpanel/bin/onboot_handler\n";
        Cpanel::Cron::Utils::save_root_crontab($root_crontab);
    }
}

# </end of actions>

# local cache configuration to be able to use them
{
    my $conf;    # state like variable

    sub get_update_conf {
        $conf = { Cpanel::Update::Config::load() } if !defined $conf;
        return $conf;
    }

    sub reset_update_conf {    # for testing purpose
        undef($conf);
        return;
    }
}

# loadcpconf already caches this so we don't need to re-cache it here.
*get_cpconf = \&Cpanel::Config::LoadCpConf::loadcpconf;

{

    my $logger;

    sub setup_logger {
        my ( $logfile_path, $starting_pbar ) = @_;
        return $logger = Cpanel::Update::Logger->new( { 'logfile' => $logfile_path, 'stdout' => 1, 'log_level' => 'info', defined $starting_pbar ? ( 'pbar' => $starting_pbar ) : () } );
    }

    sub logger {
        $logger = setup_logger() unless defined $logger;    # mainly for mocking
        return $logger;
    }
}

sub increment_pbar {
    my ( $start, $end, $items ) = @_;

    my $_current_ratio = $start;
    my $_last_update   = 0;

    # do a -1 to the total to leave it to the end
    my $points = ( $end - $start - 1 ) || 1;

    $items ||= $points;          # number of elements in our array
    my $w = $points / $items;    # default points to increase +1

    return sub {
        my (%opts) = @_;

        if ( $opts{complete} ) {

            # we reach the end we can now use the final result
            $_last_update = $_current_ratio = $end;
            logger()->update_pbar($end);
            return;
        }

        my $previous = $_current_ratio;
        $_current_ratio += $w;
        $_current_ratio = $end if $_current_ratio > $end;

        my $normalize = int($_current_ratio);

        # includes a protection to avoid displaying duplicates
        logger()->update_pbar($normalize);

        return;
    }
}

sub setupenv {
    Cpanel::Env::clean_env();
    delete $ENV{'DOCUMENT_ROOT'};
    delete $ENV{'SERVER_SOFTWARE'};
    if ( $ENV{'WHM50'} ) {
        $ENV{'GATEWAY_INTERFACE'} = 'CGI/1.1';
    }
    ( $ENV{'USER'}, $ENV{'HOME'} ) = ( getpwuid($>) )[ 0, 7 ];
    $ENV{'PATH'} .= ':/sbin:/usr/sbin:/usr/bin:/bin:/usr/local/bin';
    $ENV{'LANG'}   = 'C';
    $ENV{'LC_ALL'} = 'C';

    return;
}

sub setupcrontab {
    logger()->info('Setting up cronjobs');
    logger()->info('Setting Up update_db_cache Crontab');
    logger()->info('Setting Up update_maiman_cache Crontab');
    logger()->info('Setting Up dcpumon Crontab');

    try {
        Cpanel::Config::Crontab::sync_root_crontab();
    }
    catch {
        warn "Failed to sync root crontab: $_";
    };

    return;
}

sub clean_roundcube_attachment_directory {
    my $roundcube_tmp = '/var/cpanel/roundcube/tmp';
    opendir my $dh, $roundcube_tmp or return;
    my @old_files = grep { -M $_ > 7.0 } map { "$roundcube_tmp/$_" } grep { !m/^\.{1,2}$/ } readdir $dh;
    closedir $dh;

    my $clean = sub { unlink @old_files };
    return Cpanel::AccessIds::do_as_user( 'cpanelroundcube', $clean );
}

sub check_mysql_version {

    # no need to check on first install
    return if $ENV{'CPANEL_BASE_INSTALL'};

    my ( $reco_version, $current_version, $version_is_mysql, $display_name, $err );

    try {
        $current_version = Cpanel::MysqlUtils::Version::current_mysql_version();
    }
    catch {
        $err = $_;
    };

    if ($err) {
        logger()->info("Unable to determine MySQL version because of an error: $err. Skipping MySQL version check...");
        return;
    }
    elsif ( !$current_version->{'short'} ) {
        logger()->info("Unable to determine MySQL version. Skipping MySQL version check...");
        return;
    }

    # We check the remote mysql version in Install::CheckRemoteMySQLVersion,
    # so we'll skip the check here
    return if $current_version->{'is_remote'};

    $current_version  = $current_version->{'short'};
    $version_is_mysql = Cpanel::MysqlUtils::Version::version_is_mysql();
    $display_name     = $version_is_mysql ? "MySQL"                                                         : "MariaDB";
    $reco_version     = $version_is_mysql ? $Cpanel::MysqlUtils::Version::MINIMUM_RECOMMENDED_MYSQL_RELEASE : $Cpanel::MysqlUtils::Version::MINIMUM_RECOMMENDED_MARIADB_RELEASE;

    # if less than the minimum recommended version, recommend an update.
    if ( Cpanel::MysqlUtils::Version::is_at_least( $current_version, $reco_version ) ) {
        logger()->info("“$display_name” version “$current_version” is greater than or equal to the recommended minimum version, “$reco_version”.");
    }
    else {
        logger()->info("“$display_name” version “$current_version” is less than the recommended minimum version, “$reco_version”.");

        my @outdated = ();
        push @outdated,
          {
            'label'            => $display_name,
            'current_version'  => $current_version,
            'min_reco_version' => $reco_version,
            'upgrade_url'      => 'https://go.cpanel.net/mysqlup',
          };

        require Cpanel::Notify;
        Cpanel::Notify::notification_class(
            'class'            => 'OutdatedSoftware::Notify',
            'application'      => 'OutdatedSoftware::Notify',
            'constructor_args' => [
                'origin'            => 'scripts/maintenance',
                'outdated_software' => \@outdated,
            ]
        );
    }

    return;
}

sub ensure_active_mysql_profile_is_present {
    eval {
        require Cpanel::MysqlUtils::RemoteMySQL::ProfileManager;
        Cpanel::MysqlUtils::RemoteMySQL::ProfileManager->new()->generate_active_profile_if_none_set();
    };
    return 1;
}

#############################################################################

## Goes through cpupdate.conf and purge entries invalid since 11.36
sub purge_cpupdate_conf {

    my $dir = Cpanel::RPM::Versions::Directory->new( { 'directory' => '/var/cpanel/rpm.versions.d', 'logger' => logger() } );
    if ( $dir->config_changed() ) {
        $dir->save();
    }
    return;
}

our $upcp_log_dir = '/var/cpanel/updatelogs';

sub purge_upcp_logs {
    my ($days) = @_;

    if ( !defined $days ) {
        my $cpconf = get_cpconf();
        $days = $cpconf->{'upcp_log_retention_days'};
    }

    # On initial upgrade, upcp_log_retention_days isn't set yet. We'll enforce the default here.
    if ( $days < 3 ) {
        logger()->warning("upcp_log_retention_days unexpectedly set to $days. Temporarily setting to 45 days.");
        $days = 45;
    }

    logger()->info("Purging upcp logs older than $days days.");

    my $purge_older_than = time - ( 86400 * $days );
    opendir( my $dir_fh, $upcp_log_dir ) or do {
        logger()->warning("Cannot read '$upcp_log_dir' for purging.");
    };

    while ( my $file = readdir($dir_fh) ) {

        # Special files we don't purge
        next if ( $file eq '.' or $file eq '..' or $file eq 'summary.log' );

        # Skip if the file is new enough.
        my @stats = lstat("$upcp_log_dir/$file");
        next unless ( @stats && $stats[9] < $purge_older_than );

        # The file can be removed.
        unlink "$upcp_log_dir/$file";
    }

    closedir($dir_fh);
    return;
}

sub check_addon_licenses {
    return sub {

        # Base install does this in the background before upcp
        if ( !$ENV{'CPANEL_BASE_INSTALL'} ) {

            # Fire these off in a taskqueue so as not to hold up the rest of the script
            eval { Cpanel::ServerTasks::queue_task( ['ScriptTasks'], 'run_script /usr/local/cpanel/scripts/litespeed-check --run' ); };
            eval { Cpanel::ServerTasks::queue_task( ['ScriptTasks'], 'run_script /usr/local/cpanel/scripts/jetbackup-check --run' ); };
        }

        # Check for WordPress Toolkit license (regardless of whether in initial install or post-upcp maintenance)
        eval { Cpanel::ServerTasks::queue_task( ['ScriptTasks'], 'run_script /usr/local/cpanel/bin/wpt_license --download' ); };
    };
}

sub update_public_suffix_list {

    try {
        require IO::Socket::SSL::PublicSuffix;
        IO::Socket::SSL::PublicSuffix::update_self_from_url();

        require Cpanel::PublicSuffix;
        Cpanel::PublicSuffix::clear_cache();
    }
    catch {
        logger()->info('Unable to update the Pubic Suffix list');
    };

    return;
}

sub usage {
    print <<EOM;
Usage: $0 [options]

Perform cPanel nightly maintenance tasks for upcp.

Where the supported options are:

  --help
               Display this screen and exit

  --log={logfile path}
               Log program output to the file named by {logfile path}

EOM
    return 0;
}

exit( __PACKAGE__->script(@ARGV) || 0 ) if !caller();

1;