Adding Accounts via script PHP without using root?

[daniel_alpha9]

Hi there,

I wrote a script, which adds accounts on my whm-server. The problem is, that I'm using the root-user to gain access to all the information I need...

I need to count all registered accounts on a server,
and to add accounts,
but I don't want to use the root-user (security).

Is a reseller-account enough to perform this?
Or is there any other way to create a user with nearly root-privileges?

For creating accounts on my server, I use the following script:

// Add Account
    $script = "https://$rootname:[email protected]$server:2087/scripts/wwwacct";
    $params = "?plan={$package}&domain={$domain}&username=".$user."&password=".$pass."&contactemail={$mail}&language=de";
    $result = file_get_contents($script.$params);

and for list accounts, i use the following function:

    public static function getCntDomains($rootname, $rootpass, $ip) {

            error_reporting(0);
            $query = "https://".$ip.":2087/xml-api/listaccts";

            $curl = curl_init();
            # Create Curl Object
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
            # Allow self-signed certs
            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
            # Allow certs that do not match the hostname
            curl_setopt($curl, CURLOPT_HEADER,0);
            # Do not include header in output
            curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
            # Return contents of transfer on curl_exec
            $header[0] = "Authorization: Basic " . base64_encode($rootname.":".$rootpass) . "\n\r";
            curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
            # set the username and password
            curl_setopt($curl, CURLOPT_URL, $query);
            # execute the query
            $result = curl_exec($curl);
            if ($result == false) {
                    error_log("curl_exec threw error \"" . curl_error($curl) . "\" for $query");
            # log error if curl exec fails
            }
            curl_close($curl);

            $stripped = strip_tags($result);
            $count = substr_count($result, $ip);
            return $count;

    }

And as you know, if you havn't the privileges to perform this action, whm throws an error...

help


I'm sorry, if this is the wrong place to post, but i used the search-function (maybe not good enough?)
and didn't find anything.


Thanks in advance,
daniel

 

[KostonConsulting]

You can add accounts via a reseller but they will be added under that reseller user rather than root. Also, when listing accounts as the user, you will only see the accounts owned by the reseller and not all accounts.

I'd recommend switching to /xml-api/createacct to create the account as cPanel doesn't guarantee that calling :2087/scripts/wwwacct will stay the same like /xml-api/createacct will.

 

[cPanelDavidG]

I usually create a reseller account on my server with a bogus domain and give it root access as not to have user root used for terribly much (after all, it's often the target of brute force attacks and thus blocked by cphulkd anyway). A root-level reseller can do this without restrictions about which reseller owns the account.

 

[daniel_alpha9]

Hey guys,

thank you very much for the help. Finally I'm able to finalize this project.
Thanks again