Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

User login loop after added to sudoers

Discussion in 'General Discussion' started by Jeremy Ciaramella, May 25, 2019.

  1. Jeremy Ciaramella

    Jeremy Ciaramella Registered

    Joined:
    May 25, 2019
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Tempe
    cPanel Access Level:
    Root Administrator
    We installed Jenkins on our server and linked it with a Github account. The user associated with the Jenkins processes needed sudoer-level privileges. I logged in as root, ran the command usermod -G wheel $sudouser, where $sudouser was also a cPanel account.

    Then when the user went to the cPanel login, it would not error out, it would just reset the login over and over. (e.g. https://ourserver.tld:2083) On a hunch, I tried to login to the WHM with said $sudouser and was able to login to a stripped down WHM.

    I discovered later there is an "add-user to sudoers" function in WHM. I saw the user there, removed them, tried to login (same thing), removed the user via the command line, tried to login, (same thing). Changed the owner of the account. To be clear, the new $sudouser is no longer listed in the sudoers in WHM or command line.

    This is what is logged in the "/user/local/cpanel/logs/login_log" when this user tries to login:
    [2019-05-25 18:10:43 +0000] info [cpaneld] 70.176.115.194 - $sudouser "GET /cpsess9889668778/frontend/paper_lantern/index.html?login=1&post_login=30066699817051 HTTP/1.1" DEFERRED LOGIN cpaneld: switchuser: uid or gid passed user switch is less than 99

    That user's entry in the /etc/password and /etc/shadow
    $sudouser:x:1001:10::/home/$sudouser:/bin/bash
    $sudouser:[herebesomehashedupgobblygookstuff]:18041::99999:7:::

    I tried to submit a support ticket using the email address where cPanel folks sent the receipts and the bills. Apparently, this email is not in their system and I don't get the "password reset links." (Yes I check my "spam" mails...)

    Thoughts?
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,948
    Likes Received:
    485
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice