The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Multi Level root access?

Discussion in 'General Discussion' started by stgift, Dec 16, 2004.

  1. stgift

    stgift Registered

    Joined:
    Oct 29, 2004
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I am not sure if this is the place to post this but here it goes.... Are there any plans to come up with multi level root access so the users if whm would be able to lock out certain features such as password modification to the root?

    The reason I am asking is this... I have employees to help provide support to my customers it would be nice if I could lock out certain features so my employess could not do things to lock me out... This has never happened but you never know it could happen in the future as we bring on new team members.

    so a nice feature would be if I could assign multiple root user ID's and passwords so that I could block certain root features so that my employess did not have access to all the features in the root. :)
     
  2. HH-Steven

    HH-Steven Well-Known Member

    Joined:
    Aug 29, 2004
    Messages:
    284
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    In a way it can be done now.

    Ive managed to do it with a few of my team members.

    The only way ive come across of doing it is to :

    1) Create a new account for each team member (teammember.yourdomain.tld)

    (chances are theyll have free hosting with you anyway)

    2) give each team members account reseller status and just individually modify there reseller priveleges for the features / access you wish each team member to have.

    ive managed to split my team up into sections depending on there knowledge etc, but of course im the only one with :

    Server Setup
    Service Configuration
    Reseller Centre (restricts them from changing there own privleges)

    which in turn does prevent a team member changing the root pass and locking me out.

    Not the ideal way i know but it seems to work ok.
     
  3. MikeChristopher

    Joined:
    Nov 20, 2002
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    thats exactly what i do - its the easiest way plus you get control on which sites they can be in control of so they dont mistakenly do anything in the main accounts.
     
  4. kris1351

    kris1351 Well-Known Member

    Joined:
    Apr 18, 2003
    Messages:
    963
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lewisville, Tx
    There is a great program called sudo. It will only allow you set administration rights to certain accounts where they execute root commands in the manner of sudo rm <file> and it will log each command they run as sudo. You can also make it so only certain users can run sudo su - and gain access to root. You can actually disable their normal su - command where it can only be run via sudo.

    It is a great program and a great extra level of security. It is really nice to see the logs when something goes wrong on a server. It also will give you the ability to have less trusted admins do what you want to do. The only downside is Cpanel still has not figured out how to implement something similar with WHM. I hate hate hate how you have to log into WHM with root, this is about the silliest thing I have ever seen.
     
Loading...

Share This Page