[BlueOnyx:11098] Re: Can't delete server administrator
Chuck Tetlow
chuck at tetlow.net
Fri Aug 3 15:56:11 -05 2012
Could that server have been "rooted"?? Maybe its taken away a lot of the root privileges - to keep the exploit from being removed??
Chuck
---------- Original Message -----------
From: Jeff Folk <jfolk at qzoneinc.com>
To: BlueOnyx General Mailing List <blueonyx at mail.blueonyx.it>
Sent: Fri, 3 Aug 2012 15:04:19 -0500
Subject: [BlueOnyx:11097] Re: Can't delete server administrator
> On Aug 3, 2012, at 12:41 PM, Michael Stauber wrote:
>
> > Hi Michael, hi Jeff,
> >
> >>> The error is "Unable to remove the root user account, root-username".
> >
> > Ok, I have fixed it in SVN and also uploaded fixed base-user* RPMs to
> > the YUM repositories:
> >
> > http://devel.blueonyx.it/trac/changeset/918/
> >
> > The problem was that the /usr/sbin/userdel command on 5107R and 5108R
> > claims that the extra admin is still logged in (even if it is not) and
> > therefore refused to delete that account.
> >
> > The work around I applied is to "--force" the account deletion instead,
> > which skips that check. As I didn't want to apply more "force" than
> > required, only extra server admins are deleted this way, while all the
> > other users (and siteAdmin's) get deleted in the "old" way.
>
> Mine must be more messed up than that. Here is the messages log when I try to delete a server admin:
>
> Aug 3 14:57:40 box1 cced(smd)[28984]: client 6:handlers/base/console/generate_process_list.pl: SET succeeded
> Aug 3 14:57:40 box1 cced(smd)[28984]: client 6:[48:3746]: SET succeeded
> Aug 3 14:58:02 box1 cced(smd)[29122]: client [0:29119] has admin rights
> Aug 3 14:58:02 box1 cced(smd)[29127]: client [0:29124] has admin rights
> Aug 3 14:58:54 box1 cced(smd)[29252]: client 6:[48:3741]: DESTROY 178
> Aug 3 14:58:59 box1 cced(smd)[29252]: client 6:handlers/base/user/reserve_email.pl: DESTROY 179
> Aug 3 14:58:59 box1 cced(smd)[29252]: client 6:handlers/base/user/reserve_email.pl: DESTROY succeeded
> Aug 3 14:59:00 box1 cced(smd)[29252]: handler handlers/base/user/root_access.pl failed
> Aug 3 14:59:01 box1 cced(smd)[29477]: client [0:29474] has admin rights
> Aug 3 14:59:01 box1 cced(smd)[29482]: client [0:29479] has admin rights
> Aug 3 14:59:04 box1 cced(smd)[29252]: client 6:[48:3741]: DESTROY failed
>
> The problem appears to be in root_access. I can't remove or add root access to either of the server admin users. Trying to add root access to box1admin:
>
> Aug 3 15:03:06 box1 cced(smd)[30673]: client 6:[48:3744]: SET 178 "fullName" "=" "Server Admin" "capLevels" "=" "&adminUser&ipPooling&controlPower&" "sortName" "=" "" "ui_enabled" "=" "0"
> Aug 3 15:03:06 box1 cced(smd)[30673]: client 6:[48:3744]: SET succeeded
> Aug 3 15:03:06 box1 cced(smd)[30673]: client 6:[48:3744]: SET 178 . Disk "quota" "=" "20"
> Aug 3 15:03:06 box1 cced(smd)[30673]: client 6:[48:3744]: SET succeeded
> Aug 3 15:03:06 box1 cced(smd)[30673]: client 6:[48:3744]: SET 178 . RootAccess "enabled" "=" "1"
> Aug 3 15:03:08 box1 cced(smd)[30673]: client 6:handlers/base/user/root_access.pl: CREATE ProtectedEmailAlias local_alias = 1 action = box1admin alias = "root-box1admin"
> Aug 3 15:03:09 box1 cced(smd)[30673]: handler handlers/base/email/newaliases.pl failed
> Aug 3 15:03:09 box1 cced(smd)[30673]: client 6:handlers/base/user/root_access.pl: CREATE failed
> Aug 3 15:03:09 box1 cced(smd)[30673]: handler handlers/base/user/root_access.pl failed
> Aug 3 15:03:10 box1 cced(smd)[30673]: client 6:[48:3744]: SET failed
> Aug 3 15:03:10 box1 cced(smd)[30673]: client 6:[48:3744]: SET 178 . Shell "enabled" "=" "1"
> Aug 3 15:03:10 box1 cced(smd)[30673]: client 6:[48:3744]: SET succeeded
>
> Regards;
> Jeff
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
------- End of Original Message -------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20120803/e814df33/attachment.html>
More information about the Blueonyx
mailing list