How to get the cPanel users list or check a user from SSH?

[ITGabs]

Hi,

I did some scripts in ssh to clone sites, fix permissions and other stuff, probably I will share some of this scripts soon but something that I really need is validation, actually everything it is assuming that you are tipping the right name in the user field starting from the home folder but there are other folders in home that are not users account, and that could be a big problem.

What I am looking for is a list of users that I can parse to validate the inputs in my scripts

I know about /etc/passwd but maybe there is a cPanel script that I can use and improve my own scripts.

Thanks!

 

[robb3369]

Look in the /var/cpanel/users directory and there is a file per user account with their package and settings info... you can a "do" loop to go through them... Here is an example to fix public_html ownership issues...

#!/bin/bash
cd /var/cpanel/users
for user in *
do
	chown $user.nobody /home/$user/public_html
done

Hopefully that will help get you in the right direction...

 

[ITGabs]

Thank you Rob!

 

[cPanelMichael]

Hello

I am happy to see the solution provided was helpful to you. Remember to exclude entries for "nobody" and "root" if they exist in the /var/cpanel/users directory.

Thank you.

 

[ITGabs]

Hi Michael,

Can you update this list for me with 2014 info?...
The reserved username check is the following list (2011):

root virtfs roundcube horde spamassassin eximstats cphulkd modsec all
dovecot tomcat postgres mailman proftpd cpbackup files dirs tmp toor munin

plus

anything beginning with the string test[a-z0-9] or ending with the string [a-z]assword

This is what I have a standalone function

#!/bin/bash
validateuser()
{
#sanitize
user=$(echo $1 | sed -e 's/[^a-z0-9]//g')
if [[ $user != $1 ]] || [[ ${#user} -gt 8 ]]; then
    msg="User value can be only [a-z0-9] and no more than 8 char"
    val="error"
else
for cpusers in system `ls /var/cpanel/users/ | grep $user`;do
    if [[ $user == $cpusers ]]; then
        msg="User Exist"
        val="yes"
    else
        msg="User Does not Exist"
        val="no"
    fi
done

for cpusers in root virtfs roundcube horde spamassassin eximstats cphulkd modsec all dovecot tomcat postgres mailman proftpd cpbackup files dirs tmp toor cpanel test virtfs munin latest git cpeasyapache system root nobody; do
    if [[ $user == $cpusers ]]; then
    msg="Invalid User"
    val="error"
    fi
done
fi
}
validateuser $1
echo "User: $user=$val: $msg"

#Note: this script not validate the users with numbers in the beginning, with the test word and finish with assword

A hacky workaround that I found is to grep the wwwacct script to check if the user field is valid or not

#Invalid User
/usr/local/cpanel/scripts/wwwacct aa.itgabs.com yassword qwerty < y
+===================================+
| New Account Info |
+===================================+
| Domain: aa.itgabs.com
| UserName: yassword
| PassWord: qwerty
+===================================+

Checking input data......Done
Validating system setup......Done
Rebuilding IP Pool......Done
Validating IP......Done
Validating Username...Sorry, that username (yassword) is reserved.

#Valid user
/usr/local/cpanel/scripts/wwwacct aa.itgabs.com hyyuyu qwerty < y
+===================================+
| New Account Info |
+===================================+
| Domain: aa.itgabs.com
| UserName: hyyuyu
| PassWord: qwerty
+===================================+

Checking input data......Done
Validating system setup......Done
Rebuilding IP Pool......Done
Validating IP......Done
Validating Username......Done
Validating Contact Email......Done
Ensuring services are online...Sorry, the password you selected cannot be used because it is too weak and would be too easy to crack. Please select a password with strength rating of 65 or higher.

User already taken
/usr/local/cpanel/scripts/wwwacct aa.itgabs.com carlosbo qwerty < y
+===================================+
| New Account Info |
+===================================+
| Domain: aa.itgabs.com
| UserName: carlosbo
| PassWord: qwerty
+===================================+

Checking input data......Done
Validating system setup......Done
Rebuilding IP Pool......Done
Validating IP......Done
Validating Username...Sorry, a passwd entry for that username already exists.


...A fast and dirty solution but it works perfect, the wwwacct must have a flag or a parameter just for check the account (dry or testmode) since all the logic of valid users is there and that should be the best solution. and really I feel bad brute forcing the wwwacct to find weird exeptions

But please let me know the official list in 2014, in some point I will create the validation in JavaScript too, that should help me a lot

 

[cPanelMichael]

The list of reserved usernames is made available in the following file:

/usr/local/cpanel/Cpanel/Validate/Username.pm

EX:

all
cpbackup
cpses
cphulkd
dirs
dovecot
eximstats
files
horde
logaholic
mailman
modsec
munin
mydns
postgres
proftpd
root
roundcube
spamassassin
system
tmp
tomcat
toor
virtfs
nobody
shadow

Thank you.