Hi Everybody I'm worried because cPanel told me freedesktop was installed on my VPS and I never installed it. Litespeed was installed a few days ago but I couldn't find any information linking freedesktop to LS. Can freedesktop be used as some kind of backdoor? Everything started in this way: 1) Litespeed was installed on WHM. I started to get many emails saying there were many services down and they couldn't be restarted. This was causing the issue: Code: root@ns5 [/var/log]# tail -f messages Jan 14 14:51:44 ns5 dbus: [system] Failed to activate service 'org.freedesktop.systemd1': timed out Jan 14 14:52:09 ns5 dbus: [system] Failed to activate service 'org.freedesktop.systemd1': timed out Jan 14 14:52:20 ns5 nscd: 10966 monitored file `/etc/resolv.conf` was moved, removing watch Jan 14 14:52:20 ns5 nscd: 10966 monitored file `/etc/resolv.conf` was created, adding watch Jan 14 14:52:20 ns5 nscd: 10966 monitored file `/etc/resolv.conf` was written to Jan 14 14:52:34 ns5 dbus: [system] Failed to activate service 'org.freedesktop.systemd1': timed out The issue gone after restarted the VPS 2) I contacted cPanel support and ask them what's going on since the only extensions I have installed are Litespeed, CSF and CS Explorer. They replied the following: Code: This doesn't appear to be an issue related to cPanel, but rather freedesktop. Unfortunately the only threads with the error I have been able to find are a few years old: https://bugs.freedesktop.org/show_bug.cgi?id=50199 What version of freedesktop do you have installed in this server? If it is older than 1.6.12 and 1.7.4 you would want to update to at least those versions. If you do not have it installed it is likely this is an error with the monitoring system in the server. Could you confirm that this is installed, and the version? 3) I told them I've never installed freedesktop so they replied: Code: From the logs it appears this software is part of the dbus system. Looking over the log I am not seeing anything that would have caused this, but it appears to have started on the 10th. Were any changes made to the server around that time? Code: It appears that the message bus system is is alerting of you of the issue. I noticed that you removed sound-theme-freedesktop.noarch recently. Did this first occur after you removed that? It appears that someone may have installed freedesktop at one point. Does anyone have an idea what could happen? Is there any security bug which allows somebody to install freedesktop or to gain access to do it? BTW my VPS is on Linode and after the DDoS attacks and the password change request I'm starting to think my VPS was compromised. Has anyone experienced this before?