The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

upgrade to 11.25.0-RELEASE_42399 : Check for Shell Access

Discussion in 'General Discussion' started by mohit, Jan 1, 2010.

  1. mohit

    mohit Well-Known Member

    Joined:
    Jul 12, 2005
    Messages:
    553
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sticky On Internet
    I am not blaming anyone but can people running cpanel version
    11.25.0-RELEASE_42399 check if the upgrade to this version gave shell access to a few accounts who were never allowed ssh in past.
    it may be due to account ownership or whatever unknown reason, but i've found this on 2 boxes.

    In-fact i never gave shell access to any damn account but after the cpanel update i caught many users who were allowed normal shell, no matter they knew or not.

    I had to select "Disable for all"
     
  2. chuza

    chuza Well-Known Member

    Joined:
    Jul 4, 2008
    Messages:
    47
    Likes Received:
    0
    Trophy Points:
    6
    I faced a similar issue on 11.25.0-CURRENT_42399 where a client pasted top results today with actual usernames complaining of load. I immediately checked and found shell access disabled for that account (not even jail). I hope someone in cPanel can attempt to reproduce this on a test system. It wasn't critical for me so never opened a ticket.
     
  3. mohit

    mohit Well-Known Member

    Joined:
    Jul 12, 2005
    Messages:
    553
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sticky On Internet
    check if the shell is enabled for that account.
    make sure you take a look at
    "manage shell access" under "Account functions"
     
  4. LDHosting

    LDHosting Well-Known Member

    Joined:
    Jan 19, 2008
    Messages:
    93
    Likes Received:
    2
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    We noticed the same thing.. a few accounts had been assigned a full shell and a few a jailshell after the upgrade to 11.25.0-RELEASE_42399
     
  5. mohit

    mohit Well-Known Member

    Joined:
    Jul 12, 2005
    Messages:
    553
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sticky On Internet
    so i was not alone. :confused:
     
  6. yapluka

    yapluka Well-Known Member

    Joined:
    Dec 24, 2003
    Messages:
    301
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    France
    cPanel Access Level:
    Root Administrator
    Seems so ;)

    I've got the same nasty bug on many servers as well.
     
  7. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,471
    Likes Received:
    199
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Anyone put in a ticket on this yet?
     
  8. chuza

    chuza Well-Known Member

    Joined:
    Jul 4, 2008
    Messages:
    47
    Likes Received:
    0
    Trophy Points:
    6
    Obviously I did, how else did I know I access for this account was disabled completely and still client was pasting top results with actual usernames.

    It was the first incident and I haven't gone on to work after that and ignored it as a first incident, otherwise I would have opened a ticket. I will, if i reproduce it even for a single time again.
     
  9. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,471
    Likes Received:
    199
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    I found two accounts here (after reading this thread) that should not have shell, but did. That's why I asked about a ticket. If you put one in, link to this thread in the ticket for cPanel.
     
  10. mohit

    mohit Well-Known Member

    Joined:
    Jul 12, 2005
    Messages:
    553
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sticky On Internet
    I've had more bitter expereience as the account tried to run the index page changing exploit from the shell enabled account at the time i first noticed whats going on, and opened this thread

    as I am the only one who has root access to all my servers, I am 100 times sure i didn't even gave shell access to my own a/c :p

    luckily i was able to save myself from full compromise with help of SL .

    no i didn't opened a ticket, cause the i've already updated/changed many things on server.
     
  11. cPAbbott

    cPAbbott Registered

    Joined:
    Jul 24, 2008
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    The 11.25 upgrade does not include anything that would automatically adjust individual user accounts as discussed here. We are interested in the situation, and would like to determine what is happening

    If you're seeing this issue, please open a ticket and include the following information.

    On the servers that are exhibiting this issue:

    1. What does the shell management interface in the WHM say the users' shells are?

    2. What does /etc/passwd say that the users' shells are?

    3. If possible: what does the shell management interface indicate when cPanel is switched to STABLE?
     
  12. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    We just spotted this on about 7 different cPanel servers, we have never granted normal shell acccess to anyone, yet there were two or three accounts on each server with normal shell access selected via WHM --> Manage shell access.

    We are currently running:
    cPanel 11.25.0-R42404 - WHM 11.25.0 - X 3.9
    REDHAT Enterprise 5.4 i686 standard

    I noticed that the most recent entry in this thread was a full month ago. But if cPanel.net would like me to open a ticket on this one I would be happy to do that.

    Has anyone been able to resolve this one yet?
     
  13. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Followup: Upon unsuspending this same account, the shell setting was normalized back to where we had it, i.e. it went back to no shell access.
     
  14. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    BINGO, problem found (I think.)

    Upon doing a little more research, I found that the normal-shell enabled accounts were either suspended, or they were recently suspended.

    Perhaps there is a bug in the cPanel system that enables Normal shell access when an account is suspended (e.g. for lack of monthly payment), and then the normal shell stays enabled when the account is brought back on line.

    I am trying to test this now by suspending one of our own accounts, BUT another problem we are seeing is that when you suspend a cPanel account, the load goes up tremendously. I just now suspended a very small hosting account and the load went up from 3.96 to 19.87 before the account was actually suspended. This is no fluke, we've seen this (load rockets up when suspending) every time here lately.

    Okay, yes BINGO, BINGO, I just checked the manage shell access in WHM and yes, this account that I just suspended now shows Normal Shell Access ENABLED.
     
  15. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    jols: Do you have this option turned on in tweak settings ?


    "Use Safe Quota Setting (quotas will be disabled, adjusted, and then re-enabled). This option should be enabled if you are having problems with lost disk quotas or other quota system corruption. Under software raid and other circumstances enabling this option will degrade server performance."
     
  16. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,460
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Please re-check your scenario in 11.25.0 RELEASE 43252. We fixed quite a few problems with shell management in that build of 11.25.0.

    Testing your scenario on that build results in the right thing happening. Meaning if an account had no shell access than suspending the account does not grant shell access. Likewise unsuspending the account does not grant shell access.

    Also, Nick's question is in relation to the disk performance you are experiencing.
     
Loading...

Share This Page