autossl_check: Permission denied
I'm getting a pointlessly ambiguous error message when I run the following command:
I then logged in as both root and the user PHP runs as. The root user is able to run the command fine while the (confirmed) user PHP runs as is getting the same ambiguous permission denied error. The cPanel "Errors" page doesn't list anything relevant (just older errors I've cleaned up during this work session). I have had this command run successfully many times before via PHP's shell_exec command (which I always filter for semi-colon injection attacks). What can I do to debug this issue? Edit 1: my apologies, could a moderator please move this thread to the
/usr/local/cpanel/bin/autossl_check --user example
I then logged in as both root and the user PHP runs as. The root user is able to run the command fine while the (confirmed) user PHP runs as is getting the same ambiguous permission denied error. The cPanel "Errors" page doesn't list anything relevant (just older errors I've cleaned up during this work session). I have had this command run successfully many times before via PHP's shell_exec command (which I always filter for semi-colon injection attacks). What can I do to debug this issue? Edit 1: my apologies, could a moderator please move this thread to the
-
I went ahead and moved this but I did want to mention that you're getting the error because only the root user has the privilege to run this command. For example if i run this as my own user: [lauren@server /]$ /usr/local/cpanel/bin/autossl_check --user lauren bash: /usr/local/cpanel/bin/autossl_check: Permission denied [lauren@server /]$
This is because the autossl process can't be invoked by a user that is not root. The AutoSSL process is automatically started when a domain is added.0 -
- Is AutoSSL a third-party or native cPanel feature?
- How often is AutoSSL executed?
- Where can I change the frequency of it's execution?
- What, if any, is the point in only allowing the root user to run AutoSSL?
- When I am logged in as a user that is not root cPanel allows me to run AutoSSL, how can I emulate this?
0 -
- Is AutoSSL a third-party or native cPanel feature?
AutoSSL itself is native, the provider if you're using Sectigo is as well, if you're using Let's Encrypt it's considered a 3rd party provider- How often is AutoSSL executed?
An AutoSSL run is initiated any time a new domain is added and every 24 hours via cron[root@server cron.d]# cat /etc/cron.d/cpanel_autossl 57 1 * * * root /usr/local/cpanel/bin/autossl_check --all
- Where can I change the frequency of it's execution?
If you were going to increase the frequency I'd suggest adding a separate cron in root's crontab otherwise you could modify the cron.d entry but I can't guarantee that it wouldn't be modified.- What, if any, is the point in only allowing the root user to run AutoSSL?
The process runs as the root user because it runs the process for all users on the system. I cannot disagree that it would be nice if the process was able to be initiated by the user. There is a feature request for this present here:0 -
AutoSSL itself is native, the provider if you're using Sectigo is as well, if you're using Let's Encrypt it's considered a 3rd party provider ...
Thank you Lauren for all of those clarifications. One last question for now: does AutoSSL automatically run when a subdomain is added?0 -
Thank you Lauren for all of those clarifications. One last question for now: does AutoSSL automatically run when a subdomain is added?
Yes, it does, and if you're using the Let's Encrypt provider, then in fact AutoSSL executes every 3 hours.0
Please sign in to leave a comment.
Comments
5 comments