The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

hackcheck...

Discussion in 'General Discussion' started by bens, Jan 9, 2002.

  1. bens

    bens Member

    Joined:
    Aug 15, 2001
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    The hackcheck is a good idea. However....
    We set up on all our servers and all dedicated servers for clients an additional root account. That way we don\'t need to know their passwords and have a backway of getting into the server if something goes wrong.

    However, every night the hackcheck script sends that annoying \'root\' warning message. Is there someway this can be disabled?
    How about having the option to check it or not?

    Please.. it\'s really frustrating for those clients..

    Thanks
     
  2. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    I agree

    For security purposes we have three root accounts &super& id's for tracking. The account root does not get used unless absolutely needed. This does get very annoying, I agree it should be an option or at least have an exclude list.

    David

    hosting.dgbaker.ca
     
  3. ecoutez

    ecoutez Well-Known Member

    Joined:
    May 23, 2002
    Messages:
    152
    Likes Received:
    0
    Trophy Points:
    0
    Post it as a request in Bugzilla.

    In the mean time, it does appear you can have a user &toor& which is allowed to have 0:0 privs.

    - Jason
     
  4. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    do this

    At own risk! may have problems with cpanel updates and licenses, etc.....

    modify /scripts/hackcheck

    and add your IDs to the 35th line. You'll know which one. If you do not want to do that then create a script that will run after hackcheck, parse the /etd/system file for the appropriate ID's and remove the extra characters. Not saying which characters as a sysadmin should now.
     

Share This Page