for i in `vzlist -o ctid -H`;
	do
	if [ -f "/vz/root/$i/lib/libgrubd.so" ];	then

		#Remove runtime
		echo "$i is compromised, removing libgrubd.so and ld.so.preload"
		rm -f "/vz/root/$i/lib/libgrubd.so"
		rm -f "/vz/root/$i/etc/ld.so.preload"

        #disable exim
        echo "Disabling EXIM"
        touch /vz/root/$i/etc/eximdisable
        vzctl exec $i "service exim stop"

		#Restart container
		echo "Restarting CTID $i to complete cleanup (10 seconds)"
		vzctl restart $i;
		sleep 10;
		fi;


	#chkcpanel license
	echo "Checking CTID: $i cPanel License"
	if vzctl exec $i "/usr/local/cpanel/cpkeyclt | grep succeeded"; then
		echo "Running cPanel update!"
		
		# Check for LiteSpeed and update it
		if [ -f /vz/root/$i/usr/local/lsws/admin/misc/lsup.sh ]; then
			echo "LiteSpeed found, updating."
			vzctl exec $i "/usr/local/lsws/admin/misc/lsup.sh > /dev/null 2>&1";
		fi;
		#vzctl exec $i "yum update -y"
		#vzctl exec $i /scripts/upcp
	else
		echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!  FIX cPanel License !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
		echo $(vzlist -o ip $i);
	fi;

    #Disable exim on outdated servers
    eximversion=$(vzctl exec $i "rpm -qa | grep exim")
    if [ "$eximversion" = "exim-4.92-1.cp1178.x86_64" ]  || [ "$eximversion" = "exim-4.92-1.cp1180.x86_64" ] || [ "$eximversion" = "exim-4.91-4.cp1170.x86_64" ];
     then
        echo "Exim is patched: $eximversion";
		if [ -f /vz/root/$i/etc/eximdisable ]; then
			rm -f /vz/root/$i/etc/eximdisable;
			vzctl exec $i "service exim start; chkconfig exim on"
		fi
    else
        echo "Exim is vulerable, disabling.  Version: $eximversion";
        touch /vz/root/$i/etc/eximdisable;
        vzctl exec $i "service exim stop";
    fi

done;