The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

wheel group management

Discussion in 'Security' started by jeremys_ppc, May 8, 2014.

  1. jeremys_ppc

    jeremys_ppc Member

    Joined:
    May 7, 2014
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Can somebody please explain to me how the wheel group is used. The documentation only state how to add or remove users.

    I have a user added to the wheel group. I can log in via ssh fine with this user with limited access as expected. I run su - (i've tried su, su - root, su root) and it asks me for a password. Neither my user password nor the root password work from this prompt. I know these passwords are correct as I can login to ssh with both accounts just fine.

    What am I doing wrong? Any help in this matter is greatly appreciated.
     
  2. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    940
    Likes Received:
    55
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    If a user is properly in the wheel group, it should be able to use 'su -' and the root password should be the one used to escalate privileges.

    In my case I use an unpriveleged user "sshuser" for this who can su to root. Check /etc/group to see if the user was added correctly:

    Code:
    [root@new /home/temp]# grep wheel /etc/group
    wheel:x:10:root,sshuser
    
     
  3. jeremys_ppc

    jeremys_ppc Member

    Joined:
    May 7, 2014
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    The user is in the wheel group as indicated.

    Code:
    root@teal [~]# grep wheel /etc/group
    wheel:x:10:cpadmin
    
    I login as the admin via ssh successfully
    Code:
    login as: cpadmin
    cpadmin@teal.mydomain.com's password:
    Last login: Wed May  7 16:27:53 2014 from x.x.x.x
    
    Yet when I su - it doesn't take the credentials.
    Code:
    cpadmin@teal.mydomain.com [~]# su -
    Password:
    su: incorrect password
    
    I'm at a loss.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,684
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  5. jeremys_ppc

    jeremys_ppc Member

    Joined:
    May 7, 2014
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    The only modification to the sshd_config was the Port value. Nothing else was changed. Once I get the wheel group stuff working I was going to disable root login. PermitRootLogin No per the securing SSH from the following guide /http://www.webhostinghero.com/10-tips-secure-cpanel-server/
     
  6. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    940
    Likes Received:
    55
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    Out of curiosity how could sshd_config prevent an already logged in user from being able to use su?

    Check /var/log/secure. If I put in the wrong root PW with su I get:

    May 9 19:13:50 new su: pam_unix(su-l:auth): authentication failure; logname=sshuser uid=32014 euid=0 tty=pts/0 ruser=sshuser rhost= user=root

    When I use the right password:

    May 9 19:13:56 new su: pam_unix(su-l:session): session opened for user root by sshuser(uid=32014)
     
Loading...

Share This Page