Running CMD_ACCOUNT_USER shuts down DirectAdmin

WholesaleDialup

WholesaleDialup

Verified User
Joined
Sep 25, 2004
Messages
178
Location
San Antonio, TX
I have a script that I have run for quite some time successfully on a DirectAdmin server. This is a command line PHP script that basically just creates a user, using CMD_ACCOUNT_USER.

I am in the process of setting up a new DA server and I have moved my user creation script over to the new server. I made all necessary changes to point to the new server.

Thing is, when I run this script, the user does not get created and DirectAdmin stops responding until I restart DirectAdmin using "service directadmin restart".

When DA is down, I run "service directadmin status" and it says it's up and running.
directadmin (pid 5173) is running...

When the server is in this state, SSH is still up and running.

Nothing comes back on port 2222 until I run "service directadmin restart" within SSH.

If I run the user creation script again, it takes down DA.

Not sure if this is also some sort of security bug in DA because I am not sure at what point my script is taking DA down, before or after it decides I am authenticated. If it's before I am authenticated then this is a hole that will need to be patched. So far, I am not sure.

Any help would be appreciated because I can't get moved over to this new server without my user creation script.
 
Why dont you use the API system?

Here the one i use:

Code: 
<?php

include 'httpsocket.php';

$username = 'user';
$email = 'EMAIL';
$domain = 'HOSTNAME';
$pass = 'USERPASS';
$package = 'Service';
$cn_domain_ip = shell_exec("/sbin/ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | cut -d\  -f1");
$cn_domain_ip = ereg_replace("[^.0-9 _]", "", $cn_domain_ip);

$sock = new HTTPSocket;
$sock->connect('localhost',2222);

$sock->set_login("admin","ADMINPASS");

$sock->set_method('POST');

$sock->query('/CMD_API_ACCOUNT_USER',
     array(
  'action' => 'create',
  'add' => 'Submit',
  'username' => $username,
  'email' => $email,
  'passwd' => $pass,
  'passwd2' => $pass,
  'domain' => $domain,
  'package' => $package,
  'ip' => $cn_domain_ip,
  'notify' => 'no'
     ));

$result = $sock->fetch_body();

?>

Hope it is helpful.

In my script the IP get taken from system, but, i suppose you should be able to change the code to fit your own or use a fixed IP.

Regards
 
SeLLeRoNe said:
Why dont you use the API system?

Here the one i use:

Code: 
<?php

include 'httpsocket.php';

$username = 'user';
$email = 'EMAIL';
$domain = 'HOSTNAME';
$pass = 'USERPASS';
$package = 'Service';
$cn_domain_ip = shell_exec("/sbin/ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | cut -d\  -f1");
$cn_domain_ip = ereg_replace("[^.0-9 _]", "", $cn_domain_ip);

$sock = new HTTPSocket;
$sock->connect('localhost',2222);

$sock->set_login("admin","ADMINPASS");

$sock->set_method('POST');

$sock->query('/CMD_API_ACCOUNT_USER',
     array(
  'action' => 'create',
  'add' => 'Submit',
  'username' => $username,
  'email' => $email,
  'passwd' => $pass,
  'passwd2' => $pass,
  'domain' => $domain,
  'package' => $package,
  'ip' => $cn_domain_ip,
  'notify' => 'no'
     ));

$result = $sock->fetch_body();

?>

Hope it is helpful.

In my script the IP get taken from system, but, i suppose you should be able to change the code to fit your own or use a fixed IP.

Regards
Click to expand...

That's exactly what I am using :-) Works great on existing system and takes new system down.

Differences are the OS, running CentOS 5 on existing system and CentOS 6 on the new one.

Also, the new one has a fresh install of 1.40.1 and the existing server was upgraded from an older version of DA to 1.40.1.
 
OK, here is the debug output. Looks like it's failing on the socket connection, then going into a loop until it kills DA. Can't figure out why it's failing though. I wonder if I should find a newer version of the httpsocket.inc? I noticed it keeps posting the Post String with the first character of the URL missing starting on the second run around on the loop. Then, each time it loops, it adds the post string again over and over. Maybe that's what's crashing it? I didn't post the whole response because it gets HUGE, by the time it just dies, the post string thing is repeated many many times. You will see how it grows each time, imagine 50 or so retries.

Code: 
[root@myuser directadmin]# ./directadmin b2000
Debug mode. Level 2000

DirectAdmin 1.40.1
Accepting Connections on port 2222







Sockets::handshake - begin
Sockets::handshake - end
/CMD_ACCOUNT_USER
 0: Accept: */*
 1: Authorization: Basic [b]secret[/b]
 2: Connection: Close
 3: Content-length: 188
 4: Content-type: application/x-www-form-urlencoded
 5: Host: ssl://1.1.1.1:2222
 6: User-Agent: HTTPSocket/2.6
Post string: action=create&add=Submit&username=siteusername&email=me%40myemaildomain.com&passwd=MyPass&passwd2=MyPass&domain=MyDomain.com&package=mypak_standard&ip=1.1.1.10&notify=yes
Sockets::handshake - begin
Sockets::handshake - end
https://myhostname.myserverdomain.com:2222/CMD_ACCOUNT_USER
 0: Accept: */*
 1: Authorization: Basic [b]secret[/b]
 2: Connection: Close
 3: Content-length: 0
 4: Content-type: application/x-www-form-urlencoded
 5: Host: ssl://1.1.1.1:2222
 6: User-Agent: HTTPSocket/2.6
Sockets::handshake - begin
Sockets::handshake - end
https://myhostname.myserverdomain.com:2222/ttps://myhostname.myserverdomain.com:2222/CMD_ACCOUNT_USER
 0: Accept: */*
 1: Authorization: Basic [b]secret[/b]
 2: Connection: Close
 3: Content-length: 0
 4: Content-type: application/x-www-form-urlencoded
 5: Host: ssl://1.1.1.1:2222
 6: User-Agent: HTTPSocket/2.6
Sockets::handshake - begin
Sockets::handshake - end
https://myhostname.myserverdomain.com:2222/ttps://myhostname.myserverdomain.com:2222/ttps://myhostname.myserverdomain.com:2222/CMD_ACCOUNT_USER
 0: Accept: */*
 1: Authorization: Basic [b]secret[/b]
 2: Connection: Close
 3: Content-length: 0
 4: Content-type: application/x-www-form-urlencoded
 5: Host: ssl://1.1.1.1:2222
 6: User-Agent: HTTPSocket/2.6
 
Last edited:
Here is my script if that helps:

Code: 
#!/usr/local/bin/php
<?php
print "Starting\n";

print "Including File\n";
include 'httpsocket.inc';

print "Setting up DB link\n";
$link = mysql_connect("1.1.1.1", "mysqluid", "mypass")
                        or die("Could not connect: " . mysql_error());

print "Selecting DB\n";
mysql_select_db("mysqldb")
        or die ('The database specified in database_name must exist and must be accessible by the user specified in mysql_connect');

print "Setting up query\n";
$query = "SELECT * FROM MyTable WHERE ActiveDA = 0";

print "Running query\n";
$result = mysql_query ($query)
 or die ('Could not select hosting table!' . mysql_error());

print "Going into loop\n";
while ($row = mysql_fetch_array($result)) {

        print "Setting up Socket\n";
        $sock = new HTTPSocket;

        print "Connecting to socket\n";
        $sock->connect('ssl://1.1.1.1',2222);
        print "Logging in via socket\n";
        $sock->set_login('reselleruid','resellerpass');

        //$sock->query('/CMD_API_SHOW_ALL_USERS');
        //$result = $sock->fetch_parsed_body();

        print "Setting method to post\n";
        $sock->set_method('POST');

        print "Creating the user\n";
        $sock->query('/CMD_ACCOUNT_USER',
        array(
        'action' => 'create',
        'add' => 'Submit',
        'username' => $row['UserName'],
        'email' => $row['Email'],
        'passwd' => $row['Password'],
        'passwd2' => $row['Password'],
        'domain' => $row['Domain'] . "." . $row['TLD'],
        'package' => 'MyPackageName',
        'ip' => '1.1.1.1',
        'notify' => 'yes'
        ));

        print "Running API result\n";
        $APIresult = $sock->fetch_body();

        print $APIresult."\n";
        //print_r($result);   
        //print $result['list']['0'];
        
        print "Setting up update record in hosteddomains\n";
        $updateQry = "UPDATE MyTable SET ActiveDA = 1, Status = 'Active' WHERE ID = " . $row['ID'];
        
        print "Running the update query\n";
        $resultQry = mysql_query ($updateQry)
                or die ('Could not update hosting record! - ' . mysql_error());

}
print "Closing DB link\n";
mysql_close($link);

print "Done!\n";

?>
 
WholesaleDialup said:
Just tried upgrading the httpsocket.php file from my version of 2.6 to the latest 2.7. No joy, still same result.

Also just got this from DA support which I will try now:
Also check /var/log/directadmin/error.log for clues.

If you're seeing segfaults, try this:
http://help.directadmin.com/item.php?id=185
Click to expand...

Nothing in the error log except 5 unrelated errors.

Checked the URL but none of that seems to be related, I don't see seg faults in the log or the debug output.

Out of ideas at this point, any other suggestions? Thanks for the help so far.
 
OK, found something..

On the other server I have been using CMD_ACCOUNT_USER and this has been working for at least a few years on more than one DA server. Apparently, after looking at the API docs a little more, the correct command is CMD_API_ACCOUNT_USER. So, not sure when this changed or if I always had it wrong. When I change the script to use CMD_API_ACCOUNT_USER I get an error pretty fast but it's just complaining about an upper case username which I will fix now, then update this post to everyone know how it turned out.
 
Glad to hear it's sorted out.

On a side note, regarding the upper-case character, that was changed in 1.38.2:
http://www.directadmin.com/features.php?id=1203

There is an override if you must have upper-case characters, but we don't recommend using them:
http://www.directadmin.com/features.php?id=1279

As for CMD_ACCOUNT_USER vs CMD_API_ACCOUNT_USER, the CMD_API calls are going to be the same as the non-CMD_API calls (99% of the time), except for the output.. which will be parseable by a script (else you'll have to parse html, which isn't fun).

The part about "shuts down DirectAdmin" is slightly odd though. If you actually cannot access DA after this happened, my guess is that all child processes are being used, leaving none for accessing DA.
To find out what each one is doing, you can type:
Code: 
killall -USR1 directadmin
sleep 1
tail -n 20 /var/log/directadmin/error.log
and this will tell all directadmin processes (including the ones that are "stuck") to report their current code-location to the error.log file.
Usually, you can run a "ps ax" to see what's up.. sometimes one of the binary calls that DA makes (eg: useradd) may be hung... or sometimes there are custom scripts in:
/usr/local/directadmin/scripts/custom/*.sh
which are not returning correctly.

In any case, if it's working, no need to do more digging, but if it happens again, check the above.

John
 
I fixed the upper case issue by dis-allowing them on the way into my PHP CLI script by using strtolower().

You might want to test using CMD_ACCOUNT_USER as an API command and see if you can get it to kill DA like it did for me. Would be interesting to see if it can kill it before the API authenticates the user. Just trying to dig out here if there is any sort of security issue that you guys may need to fix. Wouldn't be good if someone gets a hold of this and can kill DA by just issue the wrong command. No what I mean? I would test myself but I have to move on now that this issue is resolved. Thanks for the responses everyone.
 
You must log in or register to reply here.
Back
Top