The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Wheel Group (su)

Discussion in 'General Discussion' started by host95, Jan 22, 2003.

  1. host95

    host95 Member

    Joined:
    Jan 21, 2003
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    As the WHM doc points out, the &Wheel group& is a user group that can gain access to root by using the su command. Question: Will clients with superuser status have the ability to peek beyond their own home environment? Would be a &bad& to have prowlers finding out who you host, etc.

    ??
     
  2. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Wheel group users essentially become root user (god) when doing su.
     
  3. host95

    host95 Member

    Joined:
    Jan 21, 2003
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    Thanks. I was afraid that's what I'd hear. There is no way anyone should give clear access to ALL server directories and files to someone not known or trusted. I'd be very interested in polling other Web hosts to see whether they are authorizing su privileges for their clients. Any way cpanel can be set up so su does not allow clients to go below their own /home directory?

    D
     
  4. djoverho

    djoverho Active Member

    Joined:
    Feb 19, 2002
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    WV
    Is there a way other than the wheel group to create a superuser...Like say for dedicated clients that don't pay their bill and you want to login and change their password so they can't access their server until they pay the bill. Like in windows you have different usernames but give different permissions such as admin. It would be nice when setting up a server for a dedicated client to be able to give him an account username as root but for us to still be access the server if/when he changes the password, or if there was a way to lock the password so it couldnt be changed...is any of this possible and if so...how? Thanks in advance.
     
  5. easyhoster1

    easyhoster1 Well-Known Member

    Joined:
    Sep 25, 2003
    Messages:
    659
    Likes Received:
    0
    Trophy Points:
    16
    If a dedicated server client does not pay there bill, the best command to run in ssh is;

    # halt

    This will shut down the server and when we get paid, we turn it back up...Suprising how fast we get our money :eek:)
     
  6. djoverho

    djoverho Active Member

    Joined:
    Feb 19, 2002
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    WV
    yeah, we can shut it down, but we cant get into shell if they change the password. I just thought it would be nice to have a seperate account for root access because the majority of the dedicated clients change the root password when give them access to it. I'm sure it can be done, I'm just not quite sure how to go about it...I'm thinking I would have to create an account in etc/passwd ...Is that correct? Thanks
     
  7. perlchild

    perlchild Well-Known Member

    Joined:
    Sep 1, 2002
    Messages:
    279
    Likes Received:
    0
    Trophy Points:
    16
    a remote controlled power distribution unit works wonders about this concept, just change the user's password before doing so... (if the user who hasn't paid, had ordered remote reboot access capaibility)
     
Loading...

Share This Page