Linux ams-business-8.hostwindsdns.com 4.18.0-553.80.1.lve.el8.x86_64 #1 SMP Wed Oct 22 19:29:36 UTC 2025 x86_64
LiteSpeed
Server IP : 192.236.177.161 & Your IP : 216.73.216.50
Domains :
Cant Read [ /etc/named.conf ]
User : ajzdfbpz
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
opt /
cloudlinux /
venv /
bin /
Delete
Unzip
Name
Size
Permission
Date
Action
Activate.ps1
8.82
KB
-rw-r--r--
2026-01-20 13:01
activate
1.65
KB
-rw-r--r--
2026-01-20 13:01
activate.csh
915
B
-rw-r--r--
2026-01-20 13:01
activate.fish
2.14
KB
-rw-r--r--
2026-01-20 13:01
alembic
202
B
-rwxr-xr-x
2026-01-20 13:01
cagefs_enter_site.py
1.83
KB
-rwxr-xr-x
2026-02-17 10:35
cagefsctl_user.py
12.89
KB
-rwxr-xr-x
2026-02-17 10:35
chardetect
210
B
-rwxr-xr-x
2026-01-20 13:01
cl_sysctl
4.51
KB
-rwxr-xr-x
2026-01-20 14:17
clcpapi
3.64
KB
-rwxr-xr-x
2026-01-20 14:17
coverage
204
B
-rwxr-xr-x
2026-01-20 13:01
coverage-3.11
204
B
-rwxr-xr-x
2026-01-20 13:01
coverage3
204
B
-rwxr-xr-x
2026-01-20 13:01
cpanel-dbmapping
3.83
KB
-rwxr-xr-x
2026-01-20 14:17
crontab-user-wrapper.py
2.46
KB
-rwxr-xr-x
2026-02-17 10:35
da_suid_caller.py
686
B
-rw-r--r--
2026-01-20 14:17
detect-requirements
211
B
-rwxr-xr-x
2026-01-20 13:01
dodgy
197
B
-rwxr-xr-x
2026-01-20 13:01
epylint
208
B
-rwxr-xr-x
2026-01-20 13:01
f2py
205
B
-rwxr-xr-x
2026-01-20 13:01
f2py3
205
B
-rwxr-xr-x
2026-01-20 13:01
f2py3.11
205
B
-rwxr-xr-x
2026-01-20 13:01
flake8
203
B
-rwxr-xr-x
2026-01-20 13:01
futurize
204
B
-rwxr-xr-x
2026-01-20 13:01
get_gprof
1.84
KB
-rwxr-xr-x
2026-01-20 13:01
get_objgraph
1.63
KB
-rwxr-xr-x
2026-01-20 13:01
isort
198
B
-rwxr-xr-x
2026-01-20 13:01
isort-identify-imports
232
B
-rwxr-xr-x
2026-01-20 13:01
jsonschema
202
B
-rwxr-xr-x
2026-01-20 13:01
lvestats_config_reader.py
1.12
KB
-rw-r--r--
2026-02-17 11:00
mako-render
202
B
-rwxr-xr-x
2026-01-20 13:01
normalizer
233
B
-rwxr-xr-x
2026-01-20 13:01
pasteurize
206
B
-rwxr-xr-x
2026-01-20 13:01
pip
237
B
-rwxr-xr-x
2026-01-20 13:01
pip3
237
B
-rwxr-xr-x
2026-01-20 13:01
pip3.11
237
B
-rwxr-xr-x
2026-01-20 13:01
plesk_suid_caller.py
905
B
-rw-r--r--
2026-01-20 14:17
prospector
202
B
-rwxr-xr-x
2026-01-20 13:01
py.test
210
B
-rwxr-xr-x
2026-01-20 13:01
pycodestyle
201
B
-rwxr-xr-x
2026-01-20 13:01
pydocstyle
202
B
-rwxr-xr-x
2026-01-20 13:01
pyflakes
200
B
-rwxr-xr-x
2026-01-20 13:01
pylint
206
B
-rwxr-xr-x
2026-01-20 13:01
pylint-config
222
B
-rwxr-xr-x
2026-01-20 13:01
pyreverse
212
B
-rwxr-xr-x
2026-01-20 13:01
pysemver
198
B
-rwxr-xr-x
2026-01-20 13:01
pytest
210
B
-rwxr-xr-x
2026-01-20 13:01
python
15.59
KB
-rwxr-xr-x
2026-01-07 22:45
python3
15.59
KB
-rwxr-xr-x
2026-01-07 22:45
python3.11
15.59
KB
-rwxr-xr-x
2026-01-07 22:45
raven
208
B
-rwxr-xr-x
2026-01-20 13:01
symilar
208
B
-rwxr-xr-x
2026-01-20 13:01
tap
196
B
-rwxr-xr-x
2026-01-20 13:01
tappy
196
B
-rwxr-xr-x
2026-01-20 13:01
undill
603
B
-rwxr-xr-x
2026-01-20 13:01
virtualenv
227
B
-rwxr-xr-x
2026-01-20 13:01
Save
Rename
#!/opt/cloudlinux/venv/bin/python3 -sbb # -*- coding: utf-8 -*- # # Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2025 All Rights Reserved # # Licensed under CLOUD LINUX LICENSE AGREEMENT # http://cloudlinux.com/docs/LICENCE.TXT # """ User-level CLI utility for managing website isolation. This script runs via proxyexec with root privileges but operates on behalf of the calling user. It validates that the user only manages domains they own. Commands: site-isolation-enable --domain DOMAIN[,DOMAIN2,...] Enable site isolation for domain(s) site-isolation-disable --domain DOMAIN[,DOMAIN2,...] Disable site isolation for domain(s) site-isolation-list List domains with site isolation enabled All commands output JSON: Success: {"result": "success", "enabled_sites": ["domain1", "domain2"]} Error: {"result": "ERROR_CODE"} """ import argparse import json import logging import os import sys import pwd from clcommon.cpapi import domain_owner from clcommon.cpapi.cpapiexceptions import NoDomain from clcagefslib.cli import ( call_via_proxyexec, in_cagefs, is_running_via_proxyexec, ) from clcagefslib.domain import ( enable_website_isolation, disable_website_isolation, get_websites_with_enabled_isolation, is_website_isolation_allowed_server_wide, is_website_isolation_allowed_for_user, ) from clcagefslib.fs import user_exists # Logging configuration LOG_FILE = "/var/log/cloudlinux/cagefsctl-user.log" # Proxyexec alias for all cagefsctl-user commands PROXYEXEC_ALIAS = "CAGEFSCTL_USER" def setup_logger(): """ Set up logging to file only (no console output). Returns: logging.Logger: Configured logger instance """ logger = logging.getLogger("cagefsctl-user") logger.setLevel(logging.INFO) # Disable propagation to root logger to prevent console output logger.propagate = False try: fh = logging.FileHandler(LOG_FILE) fh.setFormatter(logging.Formatter( "[%(levelname)s | %(asctime)s]: %(message)s" )) logger.addHandler(fh) except (IOError, OSError): # Cannot write to log file, continue without file logging pass return logger logger = setup_logger() class ErrorCodes: """Error codes for JSON responses.""" SITE_ISOLATION_NOT_ALLOWED = "Site isolation feature is not allowed" DOMAIN_NOT_FOUND = "Specified domain is not found" USER_NOT_FOUND = "User not found" INTERNAL_ERROR = "Internal error" MISSING_DOMAIN = "Domain is not specified" ROOT_NOT_ALLOWED = "Utility cannot be run as root" def get_calling_user(): """ Get the username of the calling user from proxyexec environment. When running via proxyexec, PROXYEXEC_UID contains the original user's UID. Falls back to current process UID if not set. Returns: str: Username of the calling user None: If user cannot be determined """ proxyexec_uid = os.environ.get("PROXYEXEC_UID") if not proxyexec_uid: return None try: uid = int(proxyexec_uid) pw = pwd.getpwuid(uid) return pw.pw_name except (ValueError, KeyError): return None def json_response(result, enabled_sites=None, message=None): """ Create a JSON response dictionary. Args: result: "success" or error code enabled_sites: Optional list of enabled sites (for success responses) message: Optional error message with additional details Returns: dict: Response dictionary """ response = {"result": result} if enabled_sites is not None: response["enabled_sites"] = enabled_sites if message is not None: response["message"] = message return response def output_json(response): """Print JSON response to stdout.""" print(json.dumps(response)) def validate_domain_ownership(username, domain): """ Validate that a domain belongs to the specified user. Args: username: The username to check ownership for domain: The domain to validate Returns: tuple: (is_valid, error_code) is_valid: True if domain belongs to user error_code: Error code if validation fails, None otherwise """ try: owner = domain_owner(domain) if owner is None: return False, ErrorCodes.DOMAIN_NOT_FOUND if owner != username: return False, ErrorCodes.DOMAIN_NOT_FOUND return True, None except NoDomain: return False, ErrorCodes.DOMAIN_NOT_FOUND except Exception: return False, ErrorCodes.INTERNAL_ERROR def get_validated_user(): """ Get the calling user and validate they exist. Returns: tuple: (username, error_code) username: The validated username, or None if validation failed error_code: Error code if validation failed, or None if successful """ username = get_calling_user() if not username: logger.error("User not found") return None, ErrorCodes.USER_NOT_FOUND if not user_exists(username): logger.error("User %s does not exist", username) return None, ErrorCodes.USER_NOT_FOUND return username, None def validate_domain_for_user(username, domain): """ Validate domain argument and ownership for a user. Args: username: The username to check ownership for domain: The domain to validate Returns: tuple: (is_valid, error_code) is_valid: True if domain is valid and belongs to user error_code: Error code if validation failed, None otherwise """ if not domain: logger.error("Missing domain argument") return False, ErrorCodes.MISSING_DOMAIN is_valid, error_code = validate_domain_ownership(username, domain) if not is_valid: logger.error("Domain validation failed: user=%s, domain=%s, error=%s", username, domain, error_code) return False, error_code return True, None def parse_domains(domain_arg): """ Parse comma-separated domain argument into a list of domains. Args: domain_arg: Comma-separated domain string (e.g., "domain1.com,domain2.com") Returns: list: List of domain names, with whitespace stripped """ if not domain_arg: return [] return [d.strip() for d in domain_arg.split(",") if d.strip()] def cmd_site_isolation_enable(args): """Handle site-isolation-enable command.""" domains = parse_domains(args.domain) logger.info("site-isolation-enable called: domains=%s", domains) if not domains: logger.error("No domains specified") output_json(json_response(ErrorCodes.MISSING_DOMAIN)) return 1 username, error = get_validated_user() if error: output_json(json_response(error)) return 1 if not is_website_isolation_allowed_server_wide(): logger.error("Site isolation not allowed server-wide") output_json(json_response(ErrorCodes.SITE_ISOLATION_NOT_ALLOWED)) return 1 if not is_website_isolation_allowed_for_user(username): logger.error("Site isolation not allowed for user %s", username) output_json(json_response(ErrorCodes.SITE_ISOLATION_NOT_ALLOWED)) return 1 # Validate all domains first for domain in domains: is_valid, error = validate_domain_for_user(username, domain) if not is_valid: output_json(json_response(error)) return 1 try: for domain in domains: enable_website_isolation(username, domain) enabled_sites = get_websites_with_enabled_isolation(username) logger.info("Site isolation enabled: user=%s, domains=%s, enabled_sites=%s", username, domains, enabled_sites) output_json(json_response("success", enabled_sites)) return 0 except Exception as e: logger.exception("Failed to enable site isolation: user=%s, domains=%s, error=%s", username, domains, e) output_json(json_response(ErrorCodes.INTERNAL_ERROR, message=str(e))) return 1 def cmd_site_isolation_disable(args): """Handle site-isolation-disable command.""" domains = parse_domains(args.domain) logger.info("site-isolation-disable called: domains=%s", domains) if not domains: logger.error("No domains specified") output_json(json_response(ErrorCodes.MISSING_DOMAIN)) return 1 username, error = get_validated_user() if error: output_json(json_response(error)) return 1 # Validate all domains first for domain in domains: is_valid, error = validate_domain_for_user(username, domain) if not is_valid: output_json(json_response(error)) return 1 try: for domain in domains: disable_website_isolation(username, domain) enabled_sites = get_websites_with_enabled_isolation(username) logger.info("Site isolation disabled: user=%s, domains=%s, enabled_sites=%s", username, domains, enabled_sites) output_json(json_response("success", enabled_sites)) return 0 except Exception as e: logger.exception("Failed to disable site isolation: user=%s, domains=%s, error=%s", username, domains, e) output_json(json_response(ErrorCodes.INTERNAL_ERROR, message=str(e))) return 1 def cmd_site_isolation_list(args): """Handle site-isolation-list command.""" logger.info("site-isolation-list called") username, error = get_validated_user() if error: output_json(json_response(error)) return 1 try: enabled_sites = get_websites_with_enabled_isolation(username) logger.info("Site isolation list: user=%s, enabled_sites=%s", username, enabled_sites) output_json(json_response("success", enabled_sites)) return 0 except Exception as e: logger.exception("Failed to list site isolation: user=%s, error=%s", username, e) output_json(json_response(ErrorCodes.INTERNAL_ERROR, message=str(e))) return 1 def create_parser(): """Create argument parser for cagefsctl-user.""" parser = argparse.ArgumentParser( prog="cagefsctl-user", description="User-level CLI utility for managing website isolation.", ) subparsers = parser.add_subparsers( title="commands", dest="command", help="Available commands", ) # site-isolation-enable command enable_parser = subparsers.add_parser( "site-isolation-enable", help="Enable site isolation for domain(s)", ) enable_parser.add_argument( "--domain", required=True, help="Domain name(s) to enable site isolation for (comma-separated)", ) enable_parser.set_defaults(func=cmd_site_isolation_enable) # site-isolation-disable command disable_parser = subparsers.add_parser( "site-isolation-disable", help="Disable site isolation for domain(s)", ) disable_parser.add_argument( "--domain", required=True, help="Domain name(s) to disable site isolation for (comma-separated)", ) disable_parser.set_defaults(func=cmd_site_isolation_disable) # site-isolation-list command list_parser = subparsers.add_parser( "site-isolation-list", help="List domains with site isolation enabled", ) list_parser.set_defaults(func=cmd_site_isolation_list) return parser def main(argv=None): """Main entry point.""" parser = create_parser() args = parser.parse_args(argv) # Guard: do not allow running as root unless via proxyexec # When running via proxyexec, PROXYEXEC_UID is set if os.getuid() == 0 and not is_running_via_proxyexec(): logger.error("Direct root invocation not allowed") output_json(json_response(ErrorCodes.ROOT_NOT_ALLOWED)) return 1 # If running as user (not root via proxyexec) if os.getuid() != 0: if not in_cagefs(): print("This utility is only available inside CageFS.\n" "Please run it via: cagefs_enter cagefsctl-user <command>", file=sys.stderr) return 1 # Inside CageFS - call via proxyexec to get root privileges if not args.command: parser.print_help() return 1 # Build args list for proxyexec args_list = sys.argv[1:] # Pass all original args result = call_via_proxyexec(PROXYEXEC_ALIAS, args_list) if result is None: output_json(json_response( ErrorCodes.INTERNAL_ERROR, message="Failed to execute via proxyexec" )) return 1 return result # Running as root via proxyexec - execute the command if not hasattr(args, "func"): parser.print_help() return 1 return args.func(args) if __name__ == "__main__": sys.exit(main())