Suppress emails for specific processes for a specific user?

drmoocow

Registered
Mar 16, 2015
2
1
3
Toronto, Canada
cPanel Access Level
Root Administrator
Hi. I'm wondering if there's a way to not receive warnings for, say, ssh-agent for a specific user. I know that I can ignore all processes by a user, and all warnings for a specific executable, but is there a way to combine the two and ignore a specific process by a specific user?

Thanks.
 

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
7,995
645
263
Houston
cPanel Access Level
DataCenter Provider
Based on their readme and the pignore it doesn't appear that you can choose both:

Code:
There is an ignore file /etc/csf/csf.pignore which can be used to whitelist
either usernames or full paths to binaries. Care should be taken with ignoring
users or files so that you don't force false-negatives.

You must use the following format:

exe:/full/path/to/file
user:username
cmd:command line
Code:
# The following is a list of executables (exe) command lines (cmd) and
# usernames (user) that lfd process tracking will ignore.
#
# You must use the following format:
#
# exe:/full/path/to/file
# user:username
# cmd:command line
#
# Or, perl regular expression matching (regex):
#
# pexe:/full/path/to/file as a perl regex[*]
# puser:username as a perl regex[*]
# pcmd:command line as a perl regex[*]
#
# [*]You must remember to escape characters correctly when using regex's, e.g.:
# pexe:/home/.*/public_html/cgi-bin/script\.cgi
# puser:bob\d.*
# pcmd:/home/.*/command\s\to\smatch\s\.pl\s.*
Though you may want to confirm with the folks at ConfigServer in their forums here: ConfigServer Community Forum - Index page
 

drmoocow

Registered
Mar 16, 2015
2
1
3
Toronto, Canada
cPanel Access Level
Root Administrator
Based on their readme and the pignore it doesn't appear that you can choose both:

Code:
There is an ignore file /etc/csf/csf.pignore which can be used to whitelist
either usernames or full paths to binaries. Care should be taken with ignoring
users or files so that you don't force false-negatives.

You must use the following format:

exe:/full/path/to/file
user:username
cmd:command line
Code:
# The following is a list of executables (exe) command lines (cmd) and
# usernames (user) that lfd process tracking will ignore.
#
# You must use the following format:
#
# exe:/full/path/to/file
# user:username
# cmd:command line
#
# Or, perl regular expression matching (regex):
#
# pexe:/full/path/to/file as a perl regex[*]
# puser:username as a perl regex[*]
# pcmd:command line as a perl regex[*]
#
# [*]You must remember to escape characters correctly when using regex's, e.g.:
# pexe:/home/.*/public_html/cgi-bin/script\.cgi
# puser:bob\d.*
# pcmd:/home/.*/command\s\to\smatch\s\.pl\s.*
Though you may want to confirm with the folks at ConfigServer in their forums here: ConfigServer Community Forum - Index page

Thanks, I've posted over there as well now.
 
  • Like
Reactions: cPanelLauren