Can't get user out of LVE
Forum
  1. Forums
  2. CloudLinux and Control Panels
  3. CloudLinux and cPanel
  1. Ignacio
  2. 18.02.2020
  3.  Subscribe via email
Hi,

I need a user to stay out completely from LVE so it can view all processes.
I've tried the following without success:

-> usermod -u 55 netdata (to set a UID below 500)
-> usermod -G wheel netdata (to add it to the "wheel" user that supposedly is out of LVE)
-> edit /etc/pam.d/sshd and add:

session required pam_lve.so 500 1 wheel,netdata

The only thing that works is adding the user to the "clsupergid" like this:
usermod -G clsupergid netdata

But seems that there is some cloudlinux cron that pulls the user out of this group after some time.

Ignacio
Rate this post:
  1. 18.02.2020 17:02:19
  2. # 1
Sergey Khristich Accepted Answer
Posts: 469
Joined: 20.05.2019
0
Votes
Undo
Hello Ignacio,
Thank you for reaching out! The information will be useful to you in this document https://docs.cloudlinux.com/cloudlinux_os_components/#excluding-users
If you have any other questions, feel free to ask here. Thank you for contacting us.
Marketing Manager
  1. 18.02.2020 18:02:58
  2. # 2
Ignacio Accepted Answer
Posts: 10
Joined: 19.12.2019
0
Votes
Undo
Hi Sergey,

Thanks but I forgot to tell that I've already tried that.
I also tried disabling CageFS for the user:

#echo "netdata" > /etc/cagefs/exclude/netdata
# cagefsctl --disable netdata
Error: user netdata does not exist
# cagefsctl --user-status netdata
Disabled

Ignacio
  1. 18.02.2020 18:02:27
  2. # 3
Sergey Khristich Accepted Answer
Posts: 469
Joined: 20.05.2019
0
Votes
Undo
Ignacio,
In this case, can you open a support ticket https://cloudlinux.zendesk.com/hc/en-us/requests/new so we can take a closer look at your system? You can post the ticket number here and we'll link this thread to it. Thanks.
Marketing Manager
  1. 18.02.2020 20:02:59
  2. # 4
Ignacio Accepted Answer
Posts: 10
Joined: 19.12.2019
0
Votes
Undo
Thanks Sergey, here is the ticket ID: #80593
  1. 19.02.2020 12:02:18
  2. # 5
Sergey Khristich Accepted Answer
Posts: 469
Joined: 20.05.2019
0
Votes
Undo
Hello Ignacio,
Thank you, our specialists will answer you on the ticket as quickly as possible.
Marketing Manager
  1. 14.06.2020 14:06:00
  2. # 6
Lars Kaptein Accepted Answer
Posts: 0
Joined: 30.10.2020
0
Votes
Undo
Hi,
Did you get this fixed? I'm having the same problems.
  1. 15.06.2020 10:06:44
  2. # 7
Sergey Khristich Accepted Answer
Posts: 469
Joined: 20.05.2019
0
Votes
Undo
Hi,
Did you get this fixed? I'm having the same problems.

Thank you for reaching out! The solution was as follows:

[[email protected] ~]# cat /etc/group | grep 1000
psaadm:x:1000:psaadm,sw-cp-server
[[email protected] ~]# sysctl -a | grep super
fs.proc_super_gid = 1000

A supergroup that’s able to see all processes is psaadm. We have also checked this on our test Plesk server - config is the same. The solution will be adding user ‘netdata’ to ‘psaadm’ group.
If it does not help, please create a ticket here https://cloudlinux.zendesk.com/hc/en-us/requests/new and technical experts will help you asap.
If you have any other questions, feel free to ask here. Thank you for contacting us.
Marketing Manager
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Lars Kaptein
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.