appconfig user and Cpanel::Config::LoadConfig permission warnings

/var/cpanel/cpanel.config is 644 so it should be able to be read by any user:

Code:

# ls -la /var/cpanel/cpanel.config
-rw-r--r-- 1 root wheel 6131 Nov  7 13:35 /var/cpanel/cpanel.config

The error points to /usr/local/cpanel/Cpanel/Config/LoadConfig.pm line 210.

In that module, you'll see that the code is trying to open the file as either 'rw' or 'r' depending on whether or not $arg_ref->{'rw'} is set:

Code:

my $conflock = Cpanel::SafeFile::safeopen( $conf_fh, ( $arg_ref->{'rw'} ? '+<' : '<' ), $file ) or do {
    require Cpanel::Logger;
    Cpanel::Logger::cplog( "Unable to open $file: $!", 'warn', __PACK        AGE__ );
    return;
};

Unfortunately, we don't see the hash values passed to loadConfig in this error:

Cpanel::Config::LoadConfig::loadConfig('/var/cpanel/cpanel.config', HASH(0x1b16e948), undef, undef, undef, 1, HASH(0x1b16eb28)) called at /usr/local/cpanel/Cpanel/Config/LoadCpConf.pm line 160

We do know that the last HASH is $arg_ref from the function's definition:

Code:

sub loadConfig {
     my ( $file, $conf_ref, $delimiter, $comment, $regexp_to_preprune, $allow_undef_values, $arg_ref ) = @_;

So, we have to look at /usr/local/cpanel/Cpanel/Config/LoadCpConf.pm line 160 which gives us:

Code:

my ( $ref, $fh, $conflock ) = Cpanel::Config::LoadConfig::loadConfig(
    $cpanel_config_file, \%defaults,
    undef, undef, undef, 1, { 'nocache' => 1, 'keep_locked_open' => 1, 'rw' => $load_opts_ref->{'rw'} },
);

In this case, whether or not to load the file 'rw' is controlled by $load_opts_ref->{'rw'}; $load_opts_ref is passed to loadcpconf():

Code:

sub loadcpconf {
    my ($load_opts_ref) = @_;

Then going to the next call, we see it is for _load_locked() in vi /usr/local/cpanel/Cpanel/Config/LoadCpConf.pm.

Code:

sub _load_locked {
    my ($load_opts_ref) = @_;

    my %opts = $load_opts_ref ? %$load_opts_ref : ();
    $opts{'keep_locked_open'} = 1;
    $opts{'rw'}               = 1;

    my ( $fh, $lock_fh, $cpconf ) = loadcpconf( \%opts );

So, in every case, _load_locked() is going to try to open the file 'rw' but only root has 'rw' permissions so this appears to be 2 bugs. First, $opts{'rw'} is not configurable in _load_locked() but resellers don't have 'rw' access to /var/cpanel/cpanel.config. Second, the plugin driver will need to be extended to pass options to CpConfGuard when creating the object:

/usr/local/cpanel/Cpanel/Config/ConfigObj/Driver/Attracta.pm line 253:

Code:

my $cpconf = Cpanel::Config::CpConfGuard->new();

Furthermore, it's unclear as to why your plugin would use the driver for Attracta.

 

I'd imagine that cPanel wrote the first AppConfig driver for the Attracta integration and then it got hard-coded into the system before they decided to make it a public system for all 3rd party integrations. You may want to email the integration team about this and/or submit a ticket so they can get some cases opened about all these issues.

 

We are not currently aware of any problem with registering in the ticket system, but if there is a problem, we need to fix it. What error message did you get when you tried to register to submit a ticket?