hackcheck...

[bens]

The hackcheck is a good idea. However....
We set up on all our servers and all dedicated servers for clients an additional root account. That way we don\'t need to know their passwords and have a backway of getting into the server if something goes wrong.

However, every night the hackcheck script sends that annoying \'root\' warning message. Is there someway this can be disabled?
How about having the option to check it or not?

Please.. it\'s really frustrating for those clients..

Thanks

 

[dgbaker]

I agree

For security purposes we have three root accounts &super& id's for tracking. The account root does not get used unless absolutely needed. This does get very annoying, I agree it should be an option or at least have an exclude list.

David

hosting.dgbaker.ca

 

[ecoutez]

Post it as a request in Bugzilla.

In the mean time, it does appear you can have a user &toor& which is allowed to have 0:0 privs.

- Jason

 

[dgbaker]

do this

At own risk! may have problems with cpanel updates and licenses, etc.....

modify /scripts/hackcheck

and add your IDs to the 35th line. You'll know which one. If you do not want to do that then create a script that will run after hackcheck, parse the /etd/system file for the appropriate ID's and remove the extra characters. Not saying which characters as a sysadmin should now.