Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Changing permissions on WHM addon modules

Discussion in 'cPanel Developers' started by internetfab, May 26, 2011.

  1. internetfab

    internetfab Well-Known Member
    PartnerNOC

    Joined:
    Feb 20, 2003
    Messages:
    336
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Gothenburg, Sweden
    cPanel Access Level:
    DataCenter Provider
    Hi!

    Tried changing permission on munin addon, so that reseller (managed server, where owner has reseller privs and we have root) may be able to see stats.

    Code:
    #!/usr/bin/perl
# cpanel - addon_munin.cgi                        Copyright(c) 2011 cPanel, Inc.
#                                                           All rights Reserved.
# copyright@cpanel.net                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited
#WHMADDON:munin:Munin Service Monitor

BEGIN { unshift @INC, '/usr/local/cpanel'; }

my $security_token = $ENV{'cp_security_token'} || '';

print "Location: $security_token/munin/index.html\r\n\r\n";
    Shouldn't this work out of the box? What am I missing?

    Getting "Sorry, only root may view munin stats." when visiting /munin/index.html as a reseller.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 internetfab, May 26, 2011
  2. cPanelDavidN

    cPanelDavidN Integration Developer

    Joined:
    Dec 17, 2009
    Messages:
    571
    Likes Received:
    3
    Trophy Points:
    68
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Hi internetfab,

    You're not missing anything. If you remove
    Code:
    #ACLS:all
    the plugin link will appear in the left sidebar

    and remove
    Code:
    if ( !Whostmgr::ACLS::hasroot() ) {
    print "Content-type: text/html\r\n\r\n";
    print "Access Denied: You do not have permission to view Munin stats.\n";
    exit;
}
    the plugin cgi script will continue and load the munin/index.html

    ...However, after some research, it would appear that there is a hardcoded check for munin served pages in the binaries. A reseller must have the "all root" privilege in order to clear the check. I imagine the check is done simply, if not specifically, to stop information disclosure.

    The only way around the issue would be (I presume) if you mutated the munin plugin files/dir such that all references to munin were removed from the file/dir names; ie `mv docroot/munin docroot/moonin` or something like that. I cannot recommend doing this, but if you HAD to, that would be the first thing to try.

    Best Regards,
    -DavidN
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 cPanelDavidN, May 26, 2011
(You must log in or sign up to post here.)
Loading...
Similar Threads - Changing permissions addon
  1. makcakaya

    File and folder permissions for several accounts are constantly changing

    makcakaya, Jan 21, 2017, in forum: Security
    Replies:
    1
    Views:
    756
    Infopro
    Jan 21, 2017
  2. darkshifty

    Changing document root for main domain does not work

    darkshifty, Aug 12, 2018 at 12:35 PM, in forum: General Discussion
    Replies:
    2
    Views:
    25
    cPanelMichael
    Aug 13, 2018 at 1:17 PM
  3. Htet Phone Hlyan

    Changing domain name

    Htet Phone Hlyan, Aug 12, 2018 at 7:35 AM, in forum: General Discussion
    Replies:
    1
    Views:
    23
    cPanelMichael
    Aug 14, 2018 at 10:39 AM
  4. ascalotoru

    Why is my Exim SSL certificate changing every day?

    ascalotoru, Aug 10, 2018 at 4:54 AM, in forum: Security
    Replies:
    1
    Views:
    53
    cPanelLauren
    Aug 13, 2018 at 11:25 AM
  5. nyjimbo

    changing full server domain name ?

    nyjimbo, Jul 25, 2018, in forum: Bind/DNS/Nameserver
    Replies:
    2
    Views:
    61
    nyjimbo
    Jul 25, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice