root cron shell_exec disabled warning

Smaily

Well-Known Member
Sep 19, 2011
46
0
56
cPanel Access Level
Root Administrator
I have cron set in /var/spool/cron/root
I have cron file at /usr/local/cpanel/whostmgr/docroot/cgi/customcronfile.php

When cron runs it creates

PHP Warning: shell_exec() has been disabled for security reasons in /usr/local/cpanel/whostmgr/docroot/cgi/customcronfile.php on line 22

In customcronfile.php, starting at line 22 I have command
$ls = `ls -la /var/cpanel/users`;
$lslist = explode("\n",$ls);
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
38
248
somewhere over the rainbow
cPanel Access Level
Root Administrator
Do you mean when any cron is run that is a root cron, it outputs that error or some specific cron does? If it is a specific cron, what are you running that is outputting that error?

Next, do you have shell_exec disabled for PHP scripts?
 

Smaily

Well-Known Member
Sep 19, 2011
46
0
56
cPanel Access Level
Root Administrator
Do you mean when any cron is run that is a root cron, it outputs that error or some specific cron does? If it is a specific cron, what are you running that is outputting that error?

Next, do you have shell_exec disabled for PHP scripts?
Yes, cron is self running every morning and with every run it will write that error into log.
Im running somekind of custom command that will get status of inodes usage per user and outputs it into WHM.
shell_exec is disabled for php in php.ini, yes. I thought root can bypass this. I don't want to risk server security. Or wouldn't this be much of a leak?
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
38
248
somewhere over the rainbow
cPanel Access Level
Root Administrator
Can you run the command in command line as root user using:

Code:
php scriptname.php
If you cannot and also receive the error, then your question is answered on what root user can and cannot do. Root should still be bound by the limitations of the system, which includes the global php.ini limitations when running a command.