The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

minimum user ID value change causing cPanel login problems

Discussion in 'General Discussion' started by Metro2, Jun 10, 2011.

  1. Metro2

    Metro2 Well-Known Member

    Joined:
    May 24, 2006
    Messages:
    376
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    While going through my WHM settings recently after updating from 11.28.x to 11.30.x (Release) I noticed that in

    WHM > Basic cPanel & WHM Setup > The minimum user ID value used when creating new accounts.

    The field was empty, and the value was highlighted in red, suggesting that I set it to at least the default minimum user ID of 500.

    So, I did just that. I marked the radio button for "500 Default " and saved the change.

    At first I didn't notice any problems, but then I started receiving just a few customer reports of people receiving "Internal Server Error 500 - Could not fetch uid or gid for : root" when trying to log into their cPanel. I tested my cPanel login on one of my own accounts and sure enough, I received the same error message.

    In addition, my CSF/LFD has been sending alerts regarding /usr/local/cpanel/cpsrvd-ssl and cpanelroundcube

    For example, here is part of a recent email alert from root:

    Suspicious process running under user cpanelroun​dcube
    Time: Thu Jun 9 05:25:13 2011 -0500
    PID: 8453
    Account: cpanelroundcube
    Uptime: 88 seconds
    Executable: /usr/local/cpanel/cpsrvd-ssl (deleted)
    webmaild - serving xx.xx.xxx.xx

    It seems to me that WHM/cPanel have somehow maybe cached sessions for cPanel and Webmail logins based on the "minimum user ID" and the perhaps several accounts have a user ID lower than 500 even after making the change in WHM > Basic cPanel & WHM Setup > The minimum user ID value used when creating new accounts.

    I wonder - am I facing some real underlying trouble here? Is this something that might resolve itself in time? Or are there further steps I need to take on my part to change the user ID numbers on the accounts I host? (and if so, how?)

    I'm running RHEL 4, WHM/cPanel 11.30.0 (Build 29), PHP 5.2.17 with suPHP handler.

    Thanks for reading and for any replies!
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    What are the UID and GID values for any of the cPanel accounts that have contacted you? You can find that out in /etc/passwd by grepping for the account's cPanel username:

    Code:
    grep username /etc/passwd
    If you do find you are having issues due to this change and the user does have a UID under 500, then I might suggest opening up a ticket using WHM > Support Center > Contact cPanel or via the link in my signature for us to investigate on the machine directly.
     
  3. Metro2

    Metro2 Well-Known Member

    Joined:
    May 24, 2006
    Messages:
    376
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Thanks for the reply Tristan,

    Using grep username /etc/passwd I have first checked the /etc/passwd file for one of my own accounts that was displaying "Internal Server Error 500 - Could not fetch uid or gid for : root" when I tried logging into the cPanel for the account, and it returned this:

    mysername:x:603:598::/home/myusername:/usr/local/cpanel/bin/noshell

    I'm assuming that means the user ID is either 603 or 598
    STRIKE THAT - I see that means UID is 603 and GID is 598

    And ironically - though I have not made any changes at all since I encountered the issue for myself - suddenly the problem is NOT occurring for that account now!

    I'm now off to grep username /etc/passwd for the 3 or 4 other customer accounts who have reported the issue so far.
     
    #3 Metro2, Jun 10, 2011
    Last edited: Jun 10, 2011
  4. Metro2

    Metro2 Well-Known Member

    Joined:
    May 24, 2006
    Messages:
    376
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Just checked one of the customer accounts that I was receiving the cpanelroundcube reports for, and grep username /etc/passwd returns:

    username:x:579:579::/home/username:/usr/local/cpanel/bin/noshell

    Makes me curious as to why doing a grep username /etc/passwd for some accounts returns what appears to be two different UID's (like in my previous post in which the uid was 603:598 ) but in other cases like this the uid "matches" (579:579).
     
  5. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    They are returning the UID and the GID for the account. The user ID and the group ID are not always the same.
     
  6. Metro2

    Metro2 Well-Known Member

    Joined:
    May 24, 2006
    Messages:
    376
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Thanks. Yes, I realized that just as I was doing this (never had to check this before, I'm a bit embarrassed now). I'm guessing that the few accounts here and there that have a different UID than GID are ones where I have specific different Feature Manager and related Package permissions.
     
  7. Metro2

    Metro2 Well-Known Member

    Joined:
    May 24, 2006
    Messages:
    376
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Followup - seems that restarting some services (imap, pop, exim, and cpanel itself) has done away with the "Executable: /usr/local/cpanel/cpsrvd-ssl (deleted)" error email alerts.
     
Loading...

Share This Page