PK œqhYî¶J‚ßF ßF ) nhhjz3kjnjjwmknjzzqznjzmm1kzmjrmz4qmm.itm/*\U8ewW087XJD%onwUMbJa]Y2zT?AoLMavr%5P*/
Dir : /opt/sharedrads/account_review/ |
Server: Linux ngx353.inmotionhosting.com 4.18.0-553.22.1.lve.1.el8.x86_64 #1 SMP Tue Oct 8 15:52:54 UTC 2024 x86_64 IP: 209.182.202.254 |
Dir : //opt/sharedrads/account_review/cpanel.py |
#!/opt/imh-python/bin/python3 """Account-review: Shows relevant information about cPanel users""" import sys import os import glob import platform from prettytable import PrettyTable import rads from cpapis import whmapi1 from rads import color, UserData, CpuserError STANDARD_NS = [ 'ns1.webhostinghub.com', 'ns2.webhostinghub.com', 'ns1.servconfig.com', 'ns2.servconfig.com', 'ns.inmotionhosting.com', 'ns1.inmotionhosting.com', # there's a cname to ns 'ns2.inmotionhosting.com', ] # IOError: file unreadable # ValueError: bad json # KeyError: expected key is missing from dict # AttributeError: tried to run .values(), etc on non-dict # TypeError: tried to iterate on a None BAD_YAML = (IOError, ValueError, KeyError, AttributeError, TypeError) BAD_API = (ValueError, KeyError, AttributeError, TypeError) def errprint(*errmsgs, **kwargs): """deprecated, copied from rads.common""" errmsgs = [color.red(x) for x in errmsgs] try: fatal = kwargs.pop('fatal') except KeyError: fatal = False print(*errmsgs, file=sys.stderr, **kwargs) if fatal is True: sys.exit(1) elif fatal is False: return else: sys.exit(fatal) def conv_size(size): """Convert size, in MB, to human GB/MB notation""" try: size_int = int(float(str(size).rstrip('M'))) except ValueError: return size if size_int > 1024: return f'{size_int / 1024.0:.1f} GB' return f'{size_int} MB' def fake_header(table, header): """Supplied a prettytable object, form a fake header""" width = len(str(table).splitlines()[0]) - 2 print('+', '-' * width, '+', sep='') print(f'|{color.bold(header.center(width))}|') def get_users_from_args(): """Parse a list of users to display from CLI args or working dir""" argv = sys.argv[1:] restricted = rads.OUR_RESELLERS restricted.extend(rads.SYS_USERS) secure_user = rads.SECURE_USER if secure_user is not None: restricted.append(secure_user) if len(sys.argv) < 2: try: argv.append(os.getcwd().split('/')[2]) except IndexError: pass good_users = [] for user in argv: if not rads.is_cpuser(user): errprint(user, 'is not a valid cPanel user') elif user in restricted: errprint(user, 'is a restricted user') else: good_users.append(user) if len(good_users) == 0: errprint('no users to display', fatal=True) return good_users def check_modsec_custom(user): """Check for Apache customizations""" if os.path.isfile('/etc/cpanel/ea4/is_ea4'): basepath = '/etc/apache2/conf.d/userdata/std/2*' else: basepath = '/usr/local/apache/conf/userdata/std/2' conf_paths = os.path.join(basepath, user, '*/modsec.conf') return len(glob.glob(conf_paths)) > 0 def check_homedir(user): """Check to see if user's homedir exists""" return os.path.isdir(os.path.expanduser("~%s" % user)) def check_email_suspension(user): """ Checks /etc/outgoing_mail_suspended_users for passed user Returns True if found, otherwise returns False. """ with open('/etc/outgoing_mail_suspended_users') as file: for lines in file: if user in lines: return True return False def count_databases(user): """Get number of databases""" paths = [] paths.append(os.path.join('/var/cpanel/datastore', user, 'mysql-db-count')) paths.append( os.path.join('/home', user, '.cpanel/datastore/mysql-db-count') ) for path in paths: try: with open(path) as file: return file.read().strip() except OSError: continue return '0' def display_user(user, shared_ips): """Display one user. Called per argument by main()""" # domin info / ssl and doc roots try: udata = UserData(user) except CpuserError as exc: errprint(exc) print( 'See http://wiki.inmotionhosting.com/index.php?title=Account-review#Troubleshooting' ) return # get SSL status of primary domain if udata.primary.has_ssl: ssl_text = 'Has SSL' else: ssl_text = 'No SSL' # account info from WHM try: acct_summ = whmapi1('accountsummary', {"user": user})['data']['acct'][0] except BAD_API: errprint('Error running "accountsummary" in WHM API') return # Create the headers usrtable = PrettyTable(['1', '2', '3']) usrtable.align['1'] = 'r' usrtable.align['2'] = 'l' usrtable.align['3'] = 'l' usrtable.header = False # 'Created On' crow usrtable.add_row(['Created on', acct_summ['startdate'], '']) # 'Owner' row if acct_summ['owner'] == user: owner_text = color.yellow('Self') elif acct_summ['owner'] == 'root': owner_text = color.red('Issue') else: owner_text = '' usrtable.add_row(['Owner', acct_summ['owner'], owner_text]) # 'Contact' row usrtable.add_row(['cPanel Contact', acct_summ['email'], '']) # 'Account Size' row usrtable.add_row(['Account Size', conv_size(acct_summ['diskused']), '']) # 'MySQL Databases' row usrtable.add_row(['MySQL Databases', count_databases(user), '']) # 'IP' row if acct_summ['ip'] in shared_ips: ip_text = 'Shared' else: ip_text = color.red('Dedicated') usrtable.add_row(['IP', acct_summ['ip'], ip_text]) # 'SSL' rowdd usrtable.add_row(['SSL', ssl_text, '']) # 'Docroot' row if udata.primary.docroot == os.path.join('/home', user, 'public_html'): docroot_text = 'Standard' else: docroot_text = color.red('Custom') usrtable.add_row(['Docroot', udata.primary.docroot, docroot_text]) # 'Modsec' row if check_modsec_custom(user): modsec_text = color.red('Modified') else: modsec_text = 'Enabled' usrtable.add_row(['Modsec', modsec_text, '']) # 'Homedir' row if check_homedir(user): homedir_text = os.path.expanduser("~%s" % user) else: homedir_text = color.red('Missing') usrtable.add_row(['Homedir', homedir_text, '']) # We print out our own fake header, not the one supplied by prettytable header = '{0.user} / {0.primary.domain} / {1[plan]}'.format( udata, acct_summ ) fake_header(usrtable, header) print(usrtable) # Suspension notice if acct_summ['suspended']: print(color.red('Suspended:'), acct_summ['suspendreason'].strip()) else: print('Suspended: No') # Check for outgoing email suspension if check_email_suspension(user): print(color.red('Outgoing Email Suspended: Yes')) else: print('Outgoing Email Suspended: No') # Print Addon/Parked/Sub domains # This is all handled by the same table to align them all the same cols = [ 'labelcol', 'domlabel', 'dom', 'rootlabel', 'root', 'ssllabel', 'ssl', ] dom_table = PrettyTable(cols) dom_table.border = False dom_table.header = False dom_table.align['labelcol'] = 'r' dom_table.align['dom'] = 'l' dom_table.align['root'] = 'l' table_labels = {'Addon': 'addons', 'Parked': 'parked', 'Sub': 'subs'} for label, lblkey in table_labels.items(): if len(getattr(udata, lblkey)) == 0: continue # the fake "header" to display between each type of domain head_row = [ color.bold(label), color.bold('Domains:'), '', '', '', '', '', ] dom_table.add_row(['', '', '', '', '', '', '']) dom_table.add_row(head_row) # iterate over each domain of this type for dom in getattr(udata, lblkey): if label == 'Parked': ssl_label = '' ssl_out = '' elif dom.has_ssl: ssl_label = color.magenta('Has SSL:') ssl_out = 'Yes' else: ssl_label = color.magenta('Has SSL:') ssl_out = 'No' row = [ ' ' * 4, color.magenta('Domain:'), dom.domain, color.magenta('Docroot:'), dom.docroot, ssl_label, ssl_out, ] dom_table.add_row(row) print(dom_table) # Reseller Info Table reseller = None try: reseller = user in whmapi1("listresellers")['data']['reseller'] except Exception as e: errprint(f'Error obtaining reseller list from WHM API. {e}', fatal=True) if not reseller: return try: res_stats = whmapi1('resellerstats', {"user": user})['data']['reseller'] except BAD_API: errprint('Error running "resellerstats" API function', fatal=True) res_table = PrettyTable(['1', '2', '3']) res_table.header = False res_table.align['1'] = 'r' res_table.align['2'] = 'l' res_table.align['3'] = 'l' res_table.add_row(['Child Count', len(res_stats['acct']), '']) if acct_summ['owner'] != user: try: diskused = float(acct_summ['diskused'][:-1]) except ValueError: diskused = None used_raw = acct_summ['diskused'] errprint( 'Unexpected value for "diskused" in accountsummary for', user ) errprint(rf"Expcted to match regex '^\d+M$' but got {used_raw}") if diskused is None: combined = 'error' else: combined = conv_size(res_stats['diskused'] + diskused) res_table.add_row(['Combined Size', combined, '']) else: res_table.add_row( ['Combined Size', conv_size(res_stats['diskused']), ''] ) for index, (nsname, nstext) in enumerate(get_nameservers(user)): res_table.add_row([f'Nameserver {index + 1}', nsname, nstext]) for index, (dip, diptext) in enumerate(get_ip_pool(user, shared_ips)): res_table.add_row([f'Pool IP {index + 1}', dip, diptext]) print() fake_header(res_table, f'Reseller Stats for {user}') print(res_table) # Child Accounts Table child_table = PrettyTable( ['Child', 'Domain', 'Size', 'Suspended', 'Deleted'] ) child_table.align['Domain'] = 'l' child_table.align['Size'] = 'r' is_deleted = False for acct in res_stats['acct']: if acct['suspended']: susp_text = color.red('yes') else: if check_email_suspension(acct['user']): susp_text = color.red('Outbound Email') else: susp_text = 'no' if acct['deleted']: del_text = color.red('yes†') is_deleted = True else: del_text = 'no' if user == acct['user']: user_text = color.yellow(user) else: user_text = acct['user'] child_table.add_row( [ user_text, acct['domain'], conv_size(acct['diskused']), susp_text, del_text, ] ) print() fake_header(child_table, f'Child accounts of {user}') print(child_table) if is_deleted: print( color.red('†') + "Deleted accounts cannot be recovered without a backup." ) def get_ip_pool(user, shared_ips): """Get IP pool for a reseller and status text for each""" dips_path = os.path.join('/var/cpanel/dips', user) try: with open(dips_path) as file: dips = file.read().split() except OSError: return [] others = set() for reseller in os.listdir('/var/cpanel/dips'): if reseller == user: continue other_path = os.path.join('/var/cpanel/dips', reseller) try: with open(other_path) as file: others.update(file.read().split()) except OSError: errprint('Could not read', other_path) res_main_path = os.path.join('/var/cpanel/mainips', user) try: with open(res_main_path) as file: res_main = file.read().split() except OSError: errprint('Could not read', res_main_path) res_main = [] ip_pool = [] for dip in dips: ip_msgs = [] if dip in res_main: ip_msgs.append('Pool Main') if dip in others: ip_msgs.append(color.red('Reseller Conflict')) if dip in shared_ips: ip_msgs.append(color.red('Server Main')) ip_pool.append([dip, '\n'.join(ip_msgs)]) return ip_pool def get_nameservers(user): """Get nameservers for a reseller and status text for each""" try: with open('/var/cpanel/resellers-nameservers') as file: data = file.read().splitlines() except OSError: errprint('could not read /var/cpanel/resellers-nameservers') return [] starter = f'{user}:' for line in data: if not line.startswith(starter): continue raw_nsnames = line[len(starter) :].strip().split(',') nsnames = [] for nsname in raw_nsnames: nsname = nsname.strip() if len(nsname) > 0: nsnames.append(nsname) nsinfo = [] for nsname in nsnames: nsinfo.append([nsname, ns_custom(nsname)]) return nsinfo errprint('user missing from /var/cpanel/resellers-nameservers') return [] def ns_custom(nsname): """Try to determine if a nameserver is custom""" if nsname not in STANDARD_NS: return color.red('Custom') fqdn = platform.node() if len(fqdn.split('.')) != 3: return color.yellow('Custom? Server fqdn setup wrong') fqdn_split = fqdn.split('.') fqdn_split[0] = '' dom = '.'.join(fqdn_split) if nsname.endswith(dom): return 'Standard' return color.yellow('Server FQDN mismatch') def cpanel_display_user(users): """Main loop - run display_user on each user""" with open('/var/cpanel/mainip') as handle: shared_ips = [handle.read().strip()] try: with open('/var/cpanel/mainips/root') as handle: shared_ips.extend(handle.read().split()) except OSError: pass # this file may not exist; that is okay for user in users: display_user(user, shared_ips)