User file '/var/cpanel/users/root' is empty or non-existent since this afternoon

Operating System & Version
Centos 7.9.2009
cPanel & WHM Version
11.100.0

rhm.geerts

Well-Known Member
Jul 29, 2008
150
15
68
Maastricht
cPanel Access Level
Root Administrator
Code:
[2021-04-07 20:57:33 +0200] warn [cpanel_initial_install] Failed to symlink /usr/local/cpanel/etc/mail/spamassassin/BAYES_POISON_DEFENSE.cf => /etc/mail/spamassassin/BAYES_POISON_DEFENSE.cf: No such file or directory at /usr/local/cpanel/Whostmgr/TweakSettings/Mail.pm line 586.
...skipping...
==> cpsrvd: bound to ports
[2022-01-14 14:52:57 +0100] info [cpsrvd] version 11.100.0.5 online
[2022-01-14 14:53:48 +0100] warn [cpanel] User file '/var/cpanel/users/root' is empty or non-existent. at /usr/local/cpanel/Cpanel/Config/LoadCpUserFile.pm line 335.
        Cpanel::Config::LoadCpUserFile::_load(__CPANEL_HIDDEN__, undef) called at /usr/local/cpanel/Cpanel/Config/LoadCpUserFile.pm line 217
        Cpanel::Config::LoadCpUserFile::load("root") called at /usr/local/cpanel/Cpanel/Config/LoadCpUserFile/CurrentUser.pm line 73
        Cpanel::Config::LoadCpUserFile::CurrentUser::load("root") called at /usr/local/cpanel/Cpanel/Api2/Exec.pm line 320
        Cpanel::Api2::Exec::_get_persona_error(HASH(0x36e6a90)) called at /usr/local/cpanel/Cpanel/Api2/Exec.pm line 89
        Cpanel::Api2::Exec::api2_exec("Locale", "get_user_locale", HASH(0x36e6f40), HASH(0x36e6a90)) called at cpanel.pl line 1372
        cpanel::cpanel::docpanelaction(HASH(0x36e6c10)) called at cpanel.pl line 4576
        cpanel::cpanel::run_fast_json_mode() called at cpanel.pl line 925
        cpanel::cpanel::script("cpanel::cpanel", "--json-fast-connect", "--stdin") called at cpanel.pl line 325
So this started this afternoon suddenly as you can see from the log. Had nothing in the error log anymore since april 2021.
This is from cpanels error log.

I've found a post which says the solution is to create this myself by copying another user and changing the content, but I'm not certain I would do things right. This just should not happen. So it would be nice if CPanel could fix this as this is the root user or give me a good solution.
 

quietFinn

Well-Known Member
Feb 4, 2006
1,481
225
193
Finland
cPanel Access Level
Root Administrator
I don't think there is supposed to be file "/var/cpanel/users/root", root is not a cPanel user.

Can't see that file in any of our servers.

Fond this:
 
Last edited:
  • Like
Reactions: rhm.geerts

rhm.geerts

Well-Known Member
Jul 29, 2008
150
15
68
Maastricht
cPanel Access Level
Root Administrator
Thank you, if it shouldn't be there, it would be fine with me, but I wonder.

I've seen that post, but I'm confused as it's both stated that these are login attempts by unauthorized users using the root account, and lower it's stated by Tristan as cpanel analyst that it still is a bug.
However, that was 10 years ago, so wasn't it fixed, or is the bug back now, or is it something safe to ignore.

On the other hand, seems buggy to me when authentication attempts are suddenly logged into cpanels error log. It's also the first time I'm seeing this in the error log. Can't imagine that somebody didn't try to login before.
 

cPanelAnthony

Administrator
Staff member
Oct 18, 2021
1,031
99
103
Houston, TX
cPanel Access Level
Root Administrator
  • Like
Reactions: rhm.geerts