Creating a Basic cPanel Plugin Issue
I try to development my first cPanel plugin, i passed to write live page and install plugin
[PHP]header( "Purge Web Server cache" );
// Get domain user data.
$get_userdata = $cpanel->uapi(
'DomainInfo', 'domains_data',
array(
'format' => 'hash',
'return_https_redirect_status' => '1',
)
);
$domainListApiCall = $cpanel->api2('DomainLookup', 'getbasedomains', array());
$domainList = $domainListApiCall['cpanelresult'>['data'>;
echo '';
echo '
Web Cache for domain '.htmlspecialchars($_POST['domainName'>).' has been Purged'; } print $cpanel->footer(); // Add the footer. $cpanel->end(); // Disconnect from cPanel - only do this once. ?>[/PHP] My only problem at execute bash script with root privilege at this line, it return error message Permission denied [QUOTE]echo shell_exec('bash /usr/local/cpanel/base/frontend/paper_lantern/PLUGIN_NAME/BASH_FILE.sh '.htmlspecialchars($_POST['domainName'>));
Please note that i don't have enough experience with Perl scripting Is there any assist?
Domain Name';
echo "
";
if(isset($_POST['domainName'>)) {
echo shell_exec('bash /usr/local/cpanel/base/frontend/paper_lantern/PLUGIN_NAME/BASH_FILE.sh '.htmlspecialchars($_POST['domainName'>));
echo '";
foreach ($domainList as $domain) {
echo "" . $domain['domain'> . "";
}
echo "
";
echo '';
echo '';
echo '
';
echo "Web Cache for domain '.htmlspecialchars($_POST['domainName'>).' has been Purged'; } print $cpanel->footer(); // Add the footer. $cpanel->end(); // Disconnect from cPanel - only do this once. ?>[/PHP] My only problem at execute bash script with root privilege at this line, it return error message Permission denied [QUOTE]echo shell_exec('bash /usr/local/cpanel/base/frontend/paper_lantern/PLUGIN_NAME/BASH_FILE.sh '.htmlspecialchars($_POST['domainName'>));
Please note that i don't have enough experience with Perl scripting Is there any assist?
-
Hello @mega_soft, It looks like you are inquiring about this topic as part of support ticket number 11880443. I'm monitoring the support ticket and will update this thread with the outcome once it's closed. Thank you. 0 -
Hello @mega_soft, I recommend starting with the example LiveAPI plugin for Perl documented on the link below: Guide to the LiveAPI System - Perl Module - Developer Documentation - cPanel Documentation Can you let me know if you're able to setup the plugin using the example on this document? Thank you. 0 -
Hello, Thank you for your update Basically i don't have enough experience at perl language, So if i create a plugin with perl i can't future update or modiffe But if you can convert current plugin at my first reply to perl language i will be glade 0 -
Hello @mega_soft, It's outside the scope of support we can offer to develop a custom Perl plugin, however I'm happy to offer advice or link you to an example if you can provide some additional information about the exact functionality you are attempting to include in your plugin. Thank you. 0 -
echo shell_exec('bash /usr/local/cpanel/base/frontend/paper_lantern/PLUGIN_NAME/BASH_FILE.sh '.htmlspecialchars($_POST['domainName'>));
Are you able to run your bash script from the command line? First thing that comes to mind is making sure BASH_FILE.sh has execute permissions.chmod +x /usr/local/cpanel/base/frontend/paper_lantern/PLUGIN_NAME/BASH_FILE.sh
Second thing is to look at which user your php script is running as when trying to execute shell_exec and make sure they have permission. I don't recall what the user cpanel uses by default. But you can check when running your script by inserting:echo shell_exec("whoami");
Third, maybe BASH_FILE.sh is executing but that code is generating the error. Hard to tell without seeing the code. Rather than echo for debuggin, a more graceful approach is to bring some logging in so you can see what's going on.// Log an error to the LiveAPI error log. $cpanel->debug_log('1','This is an error message.','false');
Note by default, LiveAPI environments log debugging data to the /home/user/.cpanel/LiveAPI.log.rand file, where user is the cPanel account's username, and rand is a random string that cPanel & WHM generates debug_log('1',$output,'false');0 -
Hello, The root cause is commands inside BASH_FILE.sh is require root privilege, so the file BASH_FILE.sh must executed as root privilege. 0 -
[QUOTE]so the file BASH_FILE.sh must executed as root privilege.
Find out what user the php script is running as I mentioned in my previous post, usually apache if using apache. Then add the appropriate privileges to the sudeors. For security purposes I recommend limiting root privileges for apache to the specific script you're trying to run. Like so:# from the command line edit /etc/sudoers as root using command visudo # don't edit it directly, you must use visudo. visudo # add the following line, change apache to your php user if needed # note the wildcard (*) at the end is needed to let the script run with # any parameters apache ALL=(ALL) NOPASSWD: /bin/bash /usr/local/cpanel/base/frontend/paper_lantern/PLUGIN_NAME/BASH_FILE.sh *
0 -
Hello, The user who is executed the php and the bash script is current cPanel user. 0 -
Can you provide me with more details, and what actually i should do? 0 -
Can you provide me with more details, and what actually i should do?
Oh sorry, I was on mobile and didn't look at the original post. What I said about escalate privileges using the describe array only applies to an action hook. My research indicates cPanel plugins can only run as the calling cpanel user. What you're looking for is this:0 -
FYI here are 2 threads discussing essentially the same issue: The gist of this one is it's not possible with PHP. This one provides at least an example of how you should be doing privilege escalation using cPanel admin module as I mentioned in my last post. However, no resolution was given. 0 -
Hello, I did the following: Create index.live.pl instead of index.live.php and locate at /usr/local/cpanel/base/frontend/paper_lantern/PLUGIN_NAME #!/usr/bin/perl # Instantiate the Cpanel::LiveAPI object. use Cpanel::LiveAPI (); # Connect to cPanel - only do this once. my $cpliveapi = Cpanel::LiveAPI->new(); # Get domain user data. my $get_userdata = $cpliveapi->uapi( 'DomainInfo', 'domains_data', { 'format' => 'hash', } ); # Perform the desired actions. # Disconnect from cPanel - only do this once. $cpanel->end();
then create a bin file and conf with paths /usr/local/cpanel/bin/admin/PLUGIN_NAME/PLUGIN_NAME.confmode=full
/usr/local/cpanel/bin/admin/PLUGIN_NAME/PLUGIN_NAME#!/usr/local/cpanel/3rdparty/bin/perl package purgecache::purgecache; use strict; use parent 'Cpanel::AdminBin::Script::Call'; __PACKAGE__->run() if !caller; sub _actions { return qw( DO_GOOD ) } sub DO_GOOD { my ($self, $arg1, $arg2) = @_; return "I did good with "$arg1" and "$arg2->[0]"."; } 1;
righ now i need assist to convert PHP to Perl code [PHP] $domainListApiCall = $cpanel->api2('DomainLookup', 'getbasedomains', array()); $domainList = $domainListApiCall['cpanelresult'>['data'>; echo ''; echo 'Domain Name'; echo ""; if(isset($_POST['domainName'>)) { echo shell_exec('bash /usr/local/cpanel/base/frontend/paper_lantern/PLUGIN_NAME/BASH_FILE.sh '.htmlspecialchars($_POST['domainName'>)); echo '"; foreach ($domainList as $domain) { echo "" . $domain['domain'> . ""; } echo ""; echo ''; echo ''; echo ''; echo "
Web Cache for domain '.htmlspecialchars($_POST['domainName'>).' has been Purged'; }[/PHP] then what next i can do sorry for the inconvenience, But i was forced from my boss to complete this plugin because he thought that development is apart of sysadmins tasks :(0 -
@mega_soft I totally get where you are coming from. I mean no offense, but you're unlikely to get anyone to freely write this plugin for you. I suggest you look into hiring someone. It's a fairly simple plugin so I'm guessing the cost would be minimal, and well worth the time saved and headache avoided. You can google for cpanel developers. I'm not affiliated with upwork or any of the service providers listed here but maybe these will help: - Removed - 0 -
Hello, What about other steps except perl convert 0
Please sign in to leave a comment.
Comments
15 comments