Module hooks cannot escalate privileges

[macklus]

Hi all:

I wrote some perl code to force users php options, and want to run it throught a hook.

So far i see in Guide to Standardized Hooks - Script Hooks - Software Development Kit - cPanel Documentation: This hook method is deprecated. To convert script hooks to use the Standardized Hooks system, use System or Whostmgr events in yourHook Action Code.

But, when i set "'escalateprivs'=> 1," on perl Module, it dies with "Module hooks cannot escalate privileges"

Is there any way to do it with perl Modules (recomended option), or should we use deprecated one ?

Thanks in advanced

 

[cPanelMichael]

I wrote some perl code to force users php options, and want to run it throught a hook.

Hello,

Could you provide some more details about which specific action you want to hook into, and the steps you have taken thus far?

Thank you.

 

[macklus]

Hi:

Sample code:

# Package this module.
package Cpanel::EscalateTest;

# Return errors if Perl experiences problems.
use strict;
use warnings;

# Properly decode JSON.
use JSON;

# Embed hook attributes alongside the action code.
sub describe {
    my $test1 = {
        'category' => 'Cpanel',
        'event'    => 'Api1::Email::addpop',
        'stage'    => 'post',
        'hook'     => 'Cpanel::EscalateTest::test1func',
        'exectype' => 'module',
        'escalateprivs' => 1,
    };

    return [$test1];
}

sub test1func {
    my ( $context, $data ) = @_;                 # Get the data that the system passes to the hook.

    my $result  = 0;                             # This boolean value is set to fail.
    my $message = 'This is an error message.';   # This string is a reason for $result.

    # Just touch file on /tmp
    open( F, ">/tmp/hook_works" );
    print F "work\n";
    close( F );

    # Return the hook's result and message.
    return $result, $message;
}

1;

this code are located on /usr/local/cpanel/Cpanel/EscalateTest.pm

When i try to add:

[email protected] [~]# /usr/local/cpanel/bin/manage_hooks add module Cpanel::EscalateTest --privileged
Module hooks cannot escalate privileges
There was a failure adding a hook, removing all hooks contained with in.  Please contact the maintainer of this hook for assistance.
[email protected] [~]#

By now, it works on script basics, but it is deprecated, so wish to do that on module basic

thanks in advance

 

[cPanelMichael]

'category' => 'Cpanel', 'event' => 'Api1::Email::addpop',

Is there a specific reason you are using cPanel API 1 instead of UAPI? Here's the UAPI function for adding an email address:

https://documentation.cpanel.net/display/SDK/UAPI+Functions+-+Email::add_pop

When i try to add:

[email protected] [~]# /usr/local/cpanel/bin/manage_hooks add module Cpanel::EscalateTest --privileged
Module hooks cannot escalate privileges
There was a failure adding a hook, removing all hooks contained with in. Please contact the maintainer of this hook for assistance.
[email protected] [~]#

Have you verified that the script requires escalated privileges? These documents may also help:

Guide to Standardized Hooks - Privilege Escalation - Software Development Kit - cPanel Documentation
Tutorial - Create a Standardized Hook - Software Development Kit - cPanel Documentation

Thank you.