PNG  IHDR;IDATxܻn0K )(pA 7LeG{ §㻢|ذaÆ 6lذaÆ 6lذaÆ 6lom$^yذag5bÆ 6lذaÆ 6lذa{ 6lذaÆ `}HFkm,mӪôô! x|'ܢ˟;E:9&ᶒ}{v]n&6 h_tڠ͵-ҫZ;Z$.Pkž)!o>}leQfJTu іچ\X=8Rن4`Vwl>nG^is"ms$ui?wbs[m6K4O.4%/bC%t Mז -lG6mrz2s%9s@-k9=)kB5\+͂Zsٲ Rn~GRC wIcIn7jJhۛNCS|j08yiHKֶۛkɈ+;SzL/F*\Ԕ#"5m2[S=gnaPeғL lذaÆ 6l^ḵaÆ 6lذaÆ 6lذa; _ذaÆ 6lذaÆ 6lذaÆ RIENDB` #!/usr/local/cpanel/3rdparty/bin/perl # cpanel - scripts/updatesupportauthorizations Copyright 2022 cPanel, L.L.C. # All rights reserved. # copyright@cpanel.net http://cpanel.net # This code is subject to the cPanel license. Unauthorized copying is prohibited use strict; use Cpanel::SSH (); use Cpanel::Sys::Escalate (); use Whostmgr::ACLS (); use Whostmgr::TicketSupport::DataStore (); # verify we're root # die 'You must run this script as root!' if $> != 0; # we need to override these for this to work # sub hasfeature { return 1; } no warnings 'redefine'; local *Whostmgr::ACLS::hasroot = sub { return 1; }; # load and seed the storable with a sane list of users # my $ds = Whostmgr::TicketSupport::DataStore->new(); print "Enumerating all the su and sudo users on the system...\n"; # figure out all the users to search (THIS IS VERY INEFFECIENT BECAUSE USERS MUST BE IN-ORDER!!!) # my @users = ('root'); { my $sudo_users = Cpanel::Sys::Escalate::get_list_of_sudo_users(); push @users, grep { my $sudo_user = $_; !grep { $_ eq $sudo_user } @users } @{$sudo_users}; } { my $su_users = Cpanel::Sys::Escalate::get_list_of_su_users(); push @users, grep { my $su_user = $_; !grep { $_ eq $su_user } @users } @{$su_users}; } print "Scanning home directories for recognized cPanel Support SSH public keys...\n"; # enumerate and rebuild the cached list of users # my ( %checked_homedirs, @users_detected ); foreach my $user (@users) { # prevent checking duplicate users # my $user_homedir = Cpanel::SSH::_getsshdir( $user, { skip_create => 1 } ); next if !$user_homedir || defined $checked_homedirs{$user_homedir} || !-d $user_homedir; $checked_homedirs{$user_homedir} = 1; # find all relevant keys # my ( $keys, $warnings ) = Cpanel::SSH::_listkeys( 'user' => $user, 'private' => 0, 'public' => 1 ); foreach my $key ( @{$keys} ) { # make sure we can parse the key text # next if $key->{'text'} !~ m/\s+(\w{3,64})_server_(\w{1,64})\@cpanel.net_\d+/; # add to our list... # push @users_detected, $user; # we only need one key match # last; } } print "Writing out the support authorizations users cache...\n"; # ONLY update the list of users # $ds->set( 'users', \@users_detected ); # write and we're done # $ds->cleanup(); print "Done!\n";