Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
1
CentOS-WebPanel Bugs / NPM Install button inside user's panel create node_modules with root permissions
« on: November 11, 2024, 12:16:38 PM »
Hi all!
I think this is a bug, but not certain.
NPM Install button inside user's panel create node_modules directory with root permissions.
That should be not created with user permissions?
Some customers do they git pull and command wants to create files inside node_modules for updates, but the user is not root.
How to fix it?
Thanks!
I think this is a bug, but not certain.
NPM Install button inside user's panel create node_modules directory with root permissions.
That should be not created with user permissions?
Some customers do they git pull and command wants to create files inside node_modules for updates, but the user is not root.
How to fix it?
Thanks!
2
CentOS 8 Problems / Re: User with SSH can't run node commands on shell
« on: September 26, 2024, 12:11:10 PM »
Hi!
Worked!
This could be added to CWP new implementation as automatically in case user account has NodeJS enabled.
Thank you!
Worked!
This could be added to CWP new implementation as automatically in case user account has NodeJS enabled.
Thank you!
3
CentOS 8 Problems / Re: User with SSH can't run node commands on shell
« on: September 23, 2024, 02:05:31 PM »
Hi!
I got this:
[xxxx@xxxx ~]$ /opt/nvm/versions/node/v18.19.1/bin/npm
/usr/bin/env: ‘node’: No such file or directory
inside /opt/nvm/versions/node/v18.19.1/bin/ I have:
drwxr-xr-x 2 xxxx xxxx 56 Feb 13 2024 .
drwxr-xr-x 6 root root 108 Mar 22 2024 ..
lrwxrwxrwx 1 xxxx xxxx 45 Feb 13 2024 corepack -> ../lib/node_modules/corepack/dist/corepack.js
-rwxr-xr-x 1 xxxx xxxx 91859064 Feb 13 2024 node
lrwxrwxrwx 1 xxxx xxxx 38 Feb 13 2024 npm -> ../lib/node_modules/npm/bin/npm-cli.js
lrwxrwxrwx 1 xxxx xxxx 38 Feb 13 2024 npx -> ../lib/node_modules/npm/bin/npx-cli.js
xxxx is the customer user.
If I run that "node" file above, it runs, but npm (link above) not run.
I installed node environment using CWP server web interface, all automatic.
Thanks!
I got this:
[xxxx@xxxx ~]$ /opt/nvm/versions/node/v18.19.1/bin/npm
/usr/bin/env: ‘node’: No such file or directory
inside /opt/nvm/versions/node/v18.19.1/bin/ I have:
drwxr-xr-x 2 xxxx xxxx 56 Feb 13 2024 .
drwxr-xr-x 6 root root 108 Mar 22 2024 ..
lrwxrwxrwx 1 xxxx xxxx 45 Feb 13 2024 corepack -> ../lib/node_modules/corepack/dist/corepack.js
-rwxr-xr-x 1 xxxx xxxx 91859064 Feb 13 2024 node
lrwxrwxrwx 1 xxxx xxxx 38 Feb 13 2024 npm -> ../lib/node_modules/npm/bin/npm-cli.js
lrwxrwxrwx 1 xxxx xxxx 38 Feb 13 2024 npx -> ../lib/node_modules/npm/bin/npx-cli.js
xxxx is the customer user.
If I run that "node" file above, it runs, but npm (link above) not run.
I installed node environment using CWP server web interface, all automatic.
Thanks!
4
CentOS 8 Problems / User with SSH can't run node commands on shell
« on: September 20, 2024, 01:04:54 PM »
Hi!
I have a CWP Pro server with Nodejs applications and want to allow users to run node commands like "npm run build" in shell access.
I'm testing with one user that already runs Nodejs applications but can't run these commands on shell.
It said:
-bash: npm: command not found
There something missed on CWP pannel user's configuration?
Thanks!
I have a CWP Pro server with Nodejs applications and want to allow users to run node commands like "npm run build" in shell access.
I'm testing with one user that already runs Nodejs applications but can't run these commands on shell.
It said:
-bash: npm: command not found
There something missed on CWP pannel user's configuration?
Thanks!
5
Migration from other control panels / Re: CWP to CWP migration does not connect
« on: June 10, 2024, 07:17:26 PM »
Hi all.
I got this working.
In old (origin) server had following block to enable the user root to login with password in file sshd_config:
Match User root
PubkeyAuthentication no
PasswordAuthentication yes
PermitRootLogin yes
Without success and without any additional information on /var/log/secure log.
Searching on the internet I see this parameter and enabled it on sshd_config:
ChallengeResponseAuthentication yes
Without success too but with addicional log telling me:
pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
The user root is 0, always. So strange.
Searching on internet again I see this site https://www.ezeelogin.com/kb/article/sshd3167-pam_succeed_if-40;sshdauth-41;-requirement-uid-=-1000-not-met-by-user-root-306.html showing to enable root login by IP with bellow block on sshd_config file:
Match Address NEW_SERVER_IP
PermitRootLogin yes
PubkeyAuthentication no
PasswordAuthentication yes
Done this, restarted SSHD and connection was successful.
Here is the solution in case anyone facing this problem too.
Thanks you all for help!
I got this working.
In old (origin) server had following block to enable the user root to login with password in file sshd_config:
Match User root
PubkeyAuthentication no
PasswordAuthentication yes
PermitRootLogin yes
Without success and without any additional information on /var/log/secure log.
Searching on the internet I see this parameter and enabled it on sshd_config:
ChallengeResponseAuthentication yes
Without success too but with addicional log telling me:
pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
The user root is 0, always. So strange.
Searching on internet again I see this site https://www.ezeelogin.com/kb/article/sshd3167-pam_succeed_if-40;sshdauth-41;-requirement-uid-=-1000-not-met-by-user-root-306.html showing to enable root login by IP with bellow block on sshd_config file:
Match Address NEW_SERVER_IP
PermitRootLogin yes
PubkeyAuthentication no
PasswordAuthentication yes
Done this, restarted SSHD and connection was successful.
Here is the solution in case anyone facing this problem too.
Thanks you all for help!
6
Migration from other control panels / Re: CWP to CWP migration does not connect
« on: June 05, 2024, 11:03:30 AM »
Hi overseer.
Yes, I have.
I can connect with root using ssh in both servers.
Both servers has key file to login with other ssh user but with "PermitRootLogin yes" it will override key and allow login root with pw.
In my last post, with logs, we can see that ssh does 2 successfull connections.
The last 2 attempts is blocked because password fail.
I can't debug this.
Yes, I have.
I can connect with root using ssh in both servers.
Both servers has key file to login with other ssh user but with "PermitRootLogin yes" it will override key and allow login root with pw.
In my last post, with logs, we can see that ssh does 2 successfull connections.
The last 2 attempts is blocked because password fail.
I can't debug this.
7
Migration from other control panels / Re: CWP to CWP migration does not connect
« on: June 04, 2024, 06:11:04 PM »
Hi all!
Just to add to this thread a important information about ssh connections.
In log file /var/log/secure on old server, I see two successful connections and two failled connections.
Jun 4 15:08:40 XXXX sshd[21327]: Accepted password for root from xx.xx.xx.xx port 50776 ssh2
Jun 4 15:08:40 XXXX sshd[21327]: pam_unix(sshd:session): session opened for user root by (uid=0)
Jun 4 15:08:41 XXXX sshd[21327]: Received disconnect from xx.xx.xx.xx port 50776:11: disconnected by user
Jun 4 15:08:41 XXXX sshd[21327]: Disconnected from xx.xx.xx.xx port 50776
Jun 4 15:08:41 XXXX sshd[21327]: pam_unix(sshd:session): session closed for user root
Jun 4 15:08:41 XXXX sshd[21339]: Connection closed by xx.xx.xx.xx port 50792 [preauth]
Jun 4 15:08:41 XXXX sshd[21341]: Connection closed by xx.xx.xx.xx port 50798 [preauth]
Jun 4 15:08:41 XXXX sshd[21343]: Accepted password for root from xx.xx.xx.xx port 50808 ssh2
Jun 4 15:08:41 XXXX sshd[21343]: pam_unix(sshd:session): session opened for user root by (uid=0)
Jun 4 15:08:41 XXXX sshd[21343]: Received disconnect from xx.xx.xx.xx port 50808:11: disconnected by user
Jun 4 15:08:41 XXXX sshd[21343]: Disconnected from xx.xx.xx.xx port 50808
Jun 4 15:08:41 XXXX sshd[21343]: pam_unix(sshd:session): session closed for user root
Jun 4 15:08:41 XXXX sshd[21359]: Failed password for root from xx.xx.xx.xx port 50820 ssh2
Jun 4 15:08:41 XXXX sshd[21359]: Failed password for root from xx.xx.xx.xx port 50820 ssh2
Jun 4 15:08:41 XXXX sshd[21359]: Connection closed by xx.xx.xx.xx port 50820 [preauth]
Im still not able to connect and do migrations.
Thanks!
Just to add to this thread a important information about ssh connections.
In log file /var/log/secure on old server, I see two successful connections and two failled connections.
Jun 4 15:08:40 XXXX sshd[21327]: Accepted password for root from xx.xx.xx.xx port 50776 ssh2
Jun 4 15:08:40 XXXX sshd[21327]: pam_unix(sshd:session): session opened for user root by (uid=0)
Jun 4 15:08:41 XXXX sshd[21327]: Received disconnect from xx.xx.xx.xx port 50776:11: disconnected by user
Jun 4 15:08:41 XXXX sshd[21327]: Disconnected from xx.xx.xx.xx port 50776
Jun 4 15:08:41 XXXX sshd[21327]: pam_unix(sshd:session): session closed for user root
Jun 4 15:08:41 XXXX sshd[21339]: Connection closed by xx.xx.xx.xx port 50792 [preauth]
Jun 4 15:08:41 XXXX sshd[21341]: Connection closed by xx.xx.xx.xx port 50798 [preauth]
Jun 4 15:08:41 XXXX sshd[21343]: Accepted password for root from xx.xx.xx.xx port 50808 ssh2
Jun 4 15:08:41 XXXX sshd[21343]: pam_unix(sshd:session): session opened for user root by (uid=0)
Jun 4 15:08:41 XXXX sshd[21343]: Received disconnect from xx.xx.xx.xx port 50808:11: disconnected by user
Jun 4 15:08:41 XXXX sshd[21343]: Disconnected from xx.xx.xx.xx port 50808
Jun 4 15:08:41 XXXX sshd[21343]: pam_unix(sshd:session): session closed for user root
Jun 4 15:08:41 XXXX sshd[21359]: Failed password for root from xx.xx.xx.xx port 50820 ssh2
Jun 4 15:08:41 XXXX sshd[21359]: Failed password for root from xx.xx.xx.xx port 50820 ssh2
Jun 4 15:08:41 XXXX sshd[21359]: Connection closed by xx.xx.xx.xx port 50820 [preauth]
Im still not able to connect and do migrations.
Thanks!
8
Migration from other control panels / Re: CWP to CWP migration does not connect
« on: May 31, 2024, 05:02:31 PM »
Hi Starbust.
Yes, port 2403 is opened in both servers and firewalls. I can connect to it.
Yes, the API server is generated in old server.
All the informations on new server are valid.
Im trying using root password. I can connect from outside to both servers using root password.
I would like to try to connect using ssh key but I don't find where I put ssh key file on CWP Panel. Can you show me where?
It must be configured in ssh files using console?
I have only these fields in panel:
Server IP
User
Pass
Port ssh
Api Key CWP
Maximum simultaneous transfers
Thanks!
Yes, port 2403 is opened in both servers and firewalls. I can connect to it.
Yes, the API server is generated in old server.
All the informations on new server are valid.
Im trying using root password. I can connect from outside to both servers using root password.
I would like to try to connect using ssh key but I don't find where I put ssh key file on CWP Panel. Can you show me where?
It must be configured in ssh files using console?
I have only these fields in panel:
Server IP
User
Pass
Port ssh
Api Key CWP
Maximum simultaneous transfers
Thanks!
9
Migration from other control panels / Re: CWP to CWP migration does not connect
« on: May 29, 2024, 01:21:31 PM »
Hi.
Yes, I have disabled the 2 firewalls.
I have read about ahorten password, tried too.
Without success.
Thanks.
Yes, I have disabled the 2 firewalls.
I have read about ahorten password, tried too.
Without success.
Thanks.
10
Migration from other control panels / CWP to CWP migration does not connect
« on: May 28, 2024, 06:32:20 PM »
Hi!
I have some CWP servers and I need to transfer accounts fromold CWP to new CWP but does not work.
The CWP are in the same version, but OS not, the older is Centos 7 and new is Centos 8.
I done this migrations before with other servers but in this case isn't working.
I have the follow log on /var/log/cwp/account_transfer.log of new server:
2024-05-28 17:58:39 export SSHPASS=************; /usr/bin/sshpass -e /usr/bin/ssh -pXXXX -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet root@XXXXXX
2024-05-28 17:58:39 test -d /usr/local/cwp/ && echo 'true' || echo 'false'
2024-05-28 17:58:39 true
2024-05-28 17:58:40 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Number of key(s) added: 1
Now try logging into the machine, with: "ssh -p ' XXX' -o 'StrictHostKeyChecking=no' 'root@XXXXXX'"
and check to make sure that only the key(s) you wanted were added.
2024-05-28 17:58:40 export SSHPASS=**********;/usr/bin/sshpass -e ssh-copy-id "-p XXX" root@XXXXXX -o StrictHostKeyChecking=no 2>&1
2024-05-28 17:58:40 /usr/bin/ssh -p XXX -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet root@XXXXXXXX test -d /usr/local/cwp/ && echo 'true' || echo 'false' 2>&1
2024-05-28 17:58:40 false
We have the first command returned true and the last returned false.
I can connect using SSH to old server in command line.
The port 2403 (API) is open.
I can't figure out what is wrong.
Some one can help me?
Thanks!
I have some CWP servers and I need to transfer accounts fromold CWP to new CWP but does not work.
The CWP are in the same version, but OS not, the older is Centos 7 and new is Centos 8.
I done this migrations before with other servers but in this case isn't working.
I have the follow log on /var/log/cwp/account_transfer.log of new server:
2024-05-28 17:58:39 export SSHPASS=************; /usr/bin/sshpass -e /usr/bin/ssh -pXXXX -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet root@XXXXXX
2024-05-28 17:58:39 test -d /usr/local/cwp/ && echo 'true' || echo 'false'
2024-05-28 17:58:39 true
2024-05-28 17:58:40 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Number of key(s) added: 1
Now try logging into the machine, with: "ssh -p ' XXX' -o 'StrictHostKeyChecking=no' 'root@XXXXXX'"
and check to make sure that only the key(s) you wanted were added.
2024-05-28 17:58:40 export SSHPASS=**********;/usr/bin/sshpass -e ssh-copy-id "-p XXX" root@XXXXXX -o StrictHostKeyChecking=no 2>&1
2024-05-28 17:58:40 /usr/bin/ssh -p XXX -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet root@XXXXXXXX test -d /usr/local/cwp/ && echo 'true' || echo 'false' 2>&1
2024-05-28 17:58:40 false
We have the first command returned true and the last returned false.
I can connect using SSH to old server in command line.
The port 2403 (API) is open.
I can't figure out what is wrong.
Some one can help me?
Thanks!
11
CentOS-WebPanel Bugs / Problem installing PostgreSQL and phpPgAdmin
« on: March 18, 2024, 06:35:05 PM »
Hi!
Im using CWPPro and having some trouble with PostgreSQL and phpPgAdmin.
The installation of PostgreSQL database server was fine using root panel. I can create databases and users.
When I install phpPgAdmin using command /script/install_phpPgAdmin the command runs fine, no errors, but when I click in phpPgAdmin a PHP error occured telling me that I does'n have PHP module enabled.
I tried to enable module but with no success.
I found a site with another installing method that worked:
https://www.alphagnu.com/topic/321-how-to-enable-pgadmin/
But when I try to login in database, does not work. Always show "Login Failed" and this database log:
2024-03-18 17:54:23.515 GMT [523] LOG: provided user name (XXXXX) and authenticated user name (cwpsvc) do not match
2024-03-18 17:54:23.515 GMT [523] FATAL: Peer authentication failed for user "XXXXX"
2024-03-18 17:54:23.515 GMT [523] DETAIL: Connection matched pg_hba.conf line 84: "local all all peer"
Is this a bug?
I have to change some configuration file?
Thanks!
Im using CWPPro and having some trouble with PostgreSQL and phpPgAdmin.
The installation of PostgreSQL database server was fine using root panel. I can create databases and users.
When I install phpPgAdmin using command /script/install_phpPgAdmin the command runs fine, no errors, but when I click in phpPgAdmin a PHP error occured telling me that I does'n have PHP module enabled.
I tried to enable module but with no success.
I found a site with another installing method that worked:
https://www.alphagnu.com/topic/321-how-to-enable-pgadmin/
But when I try to login in database, does not work. Always show "Login Failed" and this database log:
2024-03-18 17:54:23.515 GMT [523] LOG: provided user name (XXXXX) and authenticated user name (cwpsvc) do not match
2024-03-18 17:54:23.515 GMT [523] FATAL: Peer authentication failed for user "XXXXX"
2024-03-18 17:54:23.515 GMT [523] DETAIL: Connection matched pg_hba.conf line 84: "local all all peer"
Is this a bug?
I have to change some configuration file?
Thanks!
12
CentOS-WebPanel Bugs / SCP files upload in wrong permission
« on: June 01, 2018, 06:01:40 PM »
Hi!
I was using SCP to send files through ssh and I noticed that files upload are created in different permission than original permission of owner.
The FTP works well, but SCP dont.
Att,
I was using SCP to send files through ssh and I noticed that files upload are created in different permission than original permission of owner.
The FTP works well, but SCP dont.
Att,
13
CentOS 7 Problems / Problems and suggestions for Wildcard certificate installation and CSR generatio
« on: March 15, 2018, 08:30:15 PM »
Hi!
First, congrats for this panel. Its the best panel available at low cost.
Now, some suggestions.
I always have problem when installing Wildcard certificate, beacuse Wildcard works a little bit different from normal domain certificate. This is not so easy for non-technical people and I think with some not so hard changes, this will become easier.
First, when creating CSR for domain, we must use *.domain.com for Wildcard SSL. This will create the file with "*." in name, like "*.domain.com", for example. The panel shows error when it reads this file.
I suggest, if the domain starts with "*." chars, this is always a Wildcard domain, just ignore them. Create the file with domain name only, follow by ".cert", ".key" or ".csr".
Second, the Wildcard certificate is the same file for all subdomains that needs to be certificated. The panel creates a file for each domain, because it uses the domain name given in field "Domain:" on "SSL Cert Manager". This cause the user to copy and paste the certificate every time when he needs to use the cert. If this cert will be renewed, the user needs to update all these files.
I suggest use the same name when created the CSR file, without final part ".csr" of file. The domain is only used to apache configuration files. When need to renew this certificate, we just update one file with certificate and all subdomains is ok.
If there was a checkbox that tells to panel if this is a wildcard certificate, or if the panel identifies from domain having *. in the beggining, would help.
Sorry about the long post.
That's all, i think!
Thanks!
First, congrats for this panel. Its the best panel available at low cost.
Now, some suggestions.
I always have problem when installing Wildcard certificate, beacuse Wildcard works a little bit different from normal domain certificate. This is not so easy for non-technical people and I think with some not so hard changes, this will become easier.
First, when creating CSR for domain, we must use *.domain.com for Wildcard SSL. This will create the file with "*." in name, like "*.domain.com", for example. The panel shows error when it reads this file.
I suggest, if the domain starts with "*." chars, this is always a Wildcard domain, just ignore them. Create the file with domain name only, follow by ".cert", ".key" or ".csr".
Second, the Wildcard certificate is the same file for all subdomains that needs to be certificated. The panel creates a file for each domain, because it uses the domain name given in field "Domain:" on "SSL Cert Manager". This cause the user to copy and paste the certificate every time when he needs to use the cert. If this cert will be renewed, the user needs to update all these files.
I suggest use the same name when created the CSR file, without final part ".csr" of file. The domain is only used to apache configuration files. When need to renew this certificate, we just update one file with certificate and all subdomains is ok.
If there was a checkbox that tells to panel if this is a wildcard certificate, or if the panel identifies from domain having *. in the beggining, would help.
Sorry about the long post.
That's all, i think!
Thanks!
14
SSL / Re: Want to install Wildcard SSL in CWP
« on: March 15, 2018, 08:11:12 PM »
This is very hard. I whink they should take this easy to us. I will post the problems I have facing with this in another thread.
To install a Wildcard SSL, first, you generate a CSR. You need to use *.domain.com in CN. The file will be generated with "*." in name, this is your first problem, because it is not recognized by panel.
Login in SSH and rename file "*.domain.com.csr" to just "domain.com.csr". Do the same with key file.
These files are located in "/etc/pki/tls/certs" and "/etc/pki/tls/private".
After this, get your CSR and order your certificate.
After you receive your certificate, you must paste the certificate in file "domain.com.cert" inside "/etc/pki/tls/certs". I don't remember if this file is created empty. If not, create yourself using panel file manager.
When you go to install your cert for your domain, the panel suggest the "*.domain.com" as domain, you need use only "domain.com" as domain, otherwise, will not work. This is the second problem, because the panel use the domain name you specify as file name.
When you go to install the certificate for other subdomains of your domain, the panel use a diferent file for each subdomain, but this certificate is a Wildcard, there is no sense to use diferent filenames for this, just specify other domain and your are ok.
In this case, you will need to copy the content of certificate file to this new created subdomain file, and for the bundle file too.
The bundle file must contain the certificate for your domain (the one you bought) and below the root certificate from your certificate provider.
This is a bit confusing.
To install a Wildcard SSL, first, you generate a CSR. You need to use *.domain.com in CN. The file will be generated with "*." in name, this is your first problem, because it is not recognized by panel.
Login in SSH and rename file "*.domain.com.csr" to just "domain.com.csr". Do the same with key file.
These files are located in "/etc/pki/tls/certs" and "/etc/pki/tls/private".
After this, get your CSR and order your certificate.
After you receive your certificate, you must paste the certificate in file "domain.com.cert" inside "/etc/pki/tls/certs". I don't remember if this file is created empty. If not, create yourself using panel file manager.
When you go to install your cert for your domain, the panel suggest the "*.domain.com" as domain, you need use only "domain.com" as domain, otherwise, will not work. This is the second problem, because the panel use the domain name you specify as file name.
When you go to install the certificate for other subdomains of your domain, the panel use a diferent file for each subdomain, but this certificate is a Wildcard, there is no sense to use diferent filenames for this, just specify other domain and your are ok.
In this case, you will need to copy the content of certificate file to this new created subdomain file, and for the bundle file too.
The bundle file must contain the certificate for your domain (the one you bought) and below the root certificate from your certificate provider.
This is a bit confusing.
15
Information / Re: PHP or Apache disabled functions
« on: August 29, 2017, 12:31:11 PM »
I understand.
But the other panels also run with cgi and works. Do you know if this function is disabled in some config file?
I think just enabling this function will not affect security, or am I wrong?
Thanks!
But the other panels also run with cgi and works. Do you know if this function is disabled in some config file?
I think just enabling this function will not affect security, or am I wrong?
Thanks!
Pages: [1] 2
