Solved What is the best way to reference directadmin's admin original username?

[MaXi32]

The title might be confused, but here is the simple example:

After we installed directadmin, we will have a default username 'admin'

Now if I change this username admin to adminabc, then if I want to use script how do you reference this original admin's username?

I found this one https://www.directadmin.com/features.php?id=2832 (not sure if its purpose is to return that username) but this one just return a random admin username. For example if I create another admin username called admin2, and use this command in terminal

original_admin=$(./directadmin a)

sometimes the value $original_admin will display admin2, but what I want is the original admin user adminabc ( created by root).. where did directadmin store this information ?

I'm looking for the easiest method in directadmin-way (if available), for now my workaround is to mark the UID of that original username somewhere (after directadmin has finished installation and before its username got changed) then I can use that UID as reference.

 

[Daniel_Dog]

To be honest, I would just recommend to create a new admin account and use that one.
Then lock the admin account to localhost only and be done with it.

The admin account is also (as you described above) used in quite some scripts. So changing/removing it will only creates issues.

 

[MaXi32]

Hai thanks for replying but I think you misunderstanding about my request, im not looking a way to lock up username.

To be honest, I would just recommend to create a new admin account and use that one.
Then lock the admin account to localhost only and be done with it.

The admin account is also (as you described above) used in quite some scripts. So changing/removing it will only creates issues.

You can actually change the original admin username without any issues, directadmin also has its official script to change the default admin username to something else:

/usr/local/directadmin/scripts/change_username.sh

The recommendation to lock this username not to use it in the system was long time ago as before we could not change this username to something else and people could bruteforce this admin login page. Now the script is there and you can change this for original admin without problem.

The problem:

I'm developing a plugin that needs to get the username of the original 'admin' created by root user. This admin user is the default admin user in directadmin. So if I have another admin2, admin3 in directadmin system.. i want to reference only the default admin created by root. My current workaround is to do this from beginning:

1) After directadmin has finished installed, i will have a script that trigger this to save the current UID of that user with the following script:

#!/bin/bash
# This script must be ran before the original admin changed its username from admin to anything else (best after da installation)
da_scripts_path="/usr/local/directadmin/scripts"
mkdir -p "${da_script_path}/custom/profile"
echo "Storing original admin UID into a file at ${da_script_path}/custom/profile/owneruid} ..."
id -u admin >"${da_script_path}/custom/profile/owneruid"

2) Now after the above execution, the owneruid file there contains this owner ID of the default admin username example the content has ID: 1003

3) So, even the default 'admin' username changed its username to something else like 'thestrongadmin' I can still reference this value with this 2 lines bash script:

da_scripts_path="/usr/local/directadmin/scripts"
current_da_owner_username=$(grep ":$(head -n 1 "${da_scripts_path}/custom/profile/owneruid"):" /etc/passwd | awk -F: '{print $1}')

and the value of the current_da_owner_username will always return the username of the original admin even it is renamed to something else.

But with this method, it involves creating the owneruid file and it must be executed before the username changed which is not efficient.. so i'm looking the best and easiest alternative to get this one. Maybe directadmin stores this information somewhere (i believe so because I can see, it also has the field in user list 'created by root' in web UI).. I'm starting to think that this need an API to obtain the field created by root?

The link that I posted above seems like it explaining about this feature https://www.directadmin.com/features.php?id=2832 but it did not do what it said.

Any help on this I appreciate it.

 

[cjd]

Maybe a little brute force but this will find the created by root user

grep "^creator=root" /usr/local/directadmin/data/users/*/user.conf | cut -d'/' -f7

I haven't changed the admin on any of my systems, so I don't know if it adds any other files.

I tested this on Debian 9/10

 

[MaXi32]

Maybe a little brute force but this will find the created by root user

grep "^creator=root" /usr/local/directadmin/data/users/*/user.conf | cut -d'/' -f7

I haven't changed the admin on any of my systems, so I don't know if it adds any other files.

I tested this on Debian 9/10

Wow,, thanks a lot for this answer, Now I also understand it is stored in user.conf. This command works perfectly.

 

[cjd]

Probably would be more efficient to read in the "/usr/local/directadmin/data/admin/admin.list" file and just check those users for the created by root.

 

[MaXi32]

Probably would be more efficient to read in the "/usr/local/directadmin/data/admin/admin.list" file and just check those users for the created by root.

Yes, I got the idea now thanks a lot. Have been struggling for many hours to find this -_- and you just saved my time.

 

[cjd]

Your welcome, distracted me from writing a syslog parser for auto blocks on my BGP router lol

 

[MaXi32]

I̶ ̶s̶t̶i̶l̶l̶ ̶t̶h̶i̶n̶k̶ ̶t̶h̶a̶t̶,̶ ̶d̶i̶r̶e̶c̶t̶a̶d̶m̶i̶n̶ ̶s̶h̶o̶u̶l̶d̶ ̶s̶t̶o̶r̶e̶ ̶u̶i̶d̶ ̶i̶n̶ ̶u̶s̶e̶r̶.̶c̶o̶n̶f̶,̶ ̶s̶o̶ ̶w̶e̶ ̶c̶a̶n̶ ̶a̶l̶w̶a̶y̶s̶ ̶r̶e̶f̶e̶r̶e̶n̶c̶e̶ ̶t̶h̶i̶s̶ ̶e̶a̶s̶i̶l̶y̶.̶ ̶b̶e̶c̶a̶u̶s̶e̶ ̶c̶r̶e̶a̶t̶o̶r̶ ̶o̶f̶ ̶r̶o̶o̶t̶ ̶c̶a̶n̶ ̶b̶e̶ ̶m̶u̶l̶t̶i̶p̶l̶e̶ ̶o̶f̶ ̶a̶d̶m̶i̶n̶ ̶u̶s̶e̶r̶s̶ ̶(̶t̶h̶e̶ ̶o̶r̶i̶g̶i̶n̶a̶l̶ ̶a̶d̶m̶i̶n̶ ̶u̶s̶e̶r̶n̶a̶m̶e̶ ̶s̶h̶o̶u̶l̶d̶ ̶h̶a̶v̶e̶ ̶u̶i̶d̶ ̶s̶t̶o̶r̶e̶d̶ ̶i̶n̶ ̶u̶s̶e̶r̶.̶c̶o̶n̶f̶ ̶b̶y̶ ̶d̶e̶f̶a̶u̶l̶t̶)̶.̶ ̶a̶n̶y̶w̶a̶y̶ ̶y̶o̶u̶r̶ ̶s̶o̶l̶u̶t̶i̶o̶n̶ ̶i̶s̶ ̶b̶e̶t̶t̶e̶r̶ ̶t̶h̶a̶n̶ ̶m̶y̶ ̶p̶r̶e̶v̶i̶o̶u̶s̶ ̶o̶n̶e̶ ̶t̶h̶a̶t̶ ̶d̶o̶e̶s̶ ̶n̶o̶t̶ ̶i̶n̶v̶o̶l̶v̶e̶ ̶c̶r̶e̶a̶t̶i̶n̶g̶ ̶e̶x̶t̶r̶a̶ ̶f̶i̶l̶e̶.̶ ̶M̶y̶ ̶a̶i̶m̶ ̶i̶s̶ ̶o̶n̶l̶y̶ ̶t̶o̶ ̶g̶e̶t̶ ̶t̶h̶i̶s̶ ̶v̶a̶l̶u̶e̶ ̶w̶i̶t̶h̶ ̶o̶n̶l̶y̶ ̶o̶n̶e̶ ̶a̶d̶m̶i̶n̶ ̶u̶s̶e̶r̶ ̶e̶x̶i̶s̶t̶ ̶i̶n̶ ̶t̶h̶e̶ ̶s̶y̶s̶t̶e̶m̶ ̶(̶w̶h̶i̶l̶e̶ ̶i̶t̶s̶ ̶u̶s̶e̶r̶n̶a̶m̶e̶ ̶c̶a̶n̶ ̶b̶e̶ ̶c̶h̶a̶n̶g̶e̶d̶)̶.̶ ̶S̶o̶ ̶i̶t̶'̶s̶ ̶e̶n̶o̶u̶g̶h̶ ̶t̶o̶ ̶u̶s̶e̶ ̶y̶o̶u̶r̶ ̶s̶o̶l̶u̶t̶i̶o̶n̶.̶

Maybe @smtalk can add this extra value in user.conf so this solution can be perfect ? Is it security risk? like

uid=1003

w̶h̶e̶r̶e̶ ̶u̶i̶d̶ ̶i̶s̶ ̶t̶h̶e̶ ̶s̶y̶s̶t̶e̶m̶ ̶u̶s̶e̶r̶ ̶I̶D̶ ̶f̶o̶r̶ ̶t̶h̶a̶t̶ ̶u̶s̶e̶r̶ ̶ ̶ ̶ ̶T̶h̶a̶n̶k̶s̶,̶ ̶(̶h̶o̶p̶e̶f̶u̶l̶l̶y̶ ̶m̶y̶ ̶d̶r̶e̶a̶m̶ ̶c̶o̶m̶e̶s̶ ̶t̶r̶u̶e̶ ̶w̶i̶t̶h̶ ̶t̶h̶i̶s̶ ̶a̶d̶d̶i̶t̶i̶o̶n̶)̶.̶

Scratch that, i misunderstood about the root creator concept in directadmin (i thought a root creator can create many admins. So there's only 1 root creator). So the code by @cjd in #4 is enough to solve this problem.

 

[cjd]

OK made a slightly different one line version, that now loads the admin list and only checks those users:

readarray -t adm < /usr/local/directadmin/data/admin/admin.list ; for each in "${adm[@]}"; do grep -rl "^creator=root" "/usr/local/directadmin/data/users/$each/user.conf" | cut -d'/' -f7; done;  unset adm;

This would be much more efficient if there are lots of users. Oh these are standard bash scripts BTW. Was kind of bugging me that my first one was too brute force.

 

[MaXi32]

readarray -t adm < /usr/local/directadmin/data/admin/admin.list ; for each in "${adm[@]}"; do grep -rl "^creator=root" "/usr/local/directadmin/data/users/$each/user.conf" | cut -d'/' -f7; done;  unset adm;

This would be much more efficient if there are lots of users. Oh these are standard bash scripts BTW. Was kind of bugging me that my first one was too brute force.

OK, I think I misunderstanding the previous concept in post #9 about a creator in directadmin username. Maybe only the default admin can be created by a root creator and the other admin must be created by other admin (so the other will never have a root creator. Thats it I got it now). Because I made a mistake (without thinking), I simply tested that code by copying

cp -r /usr/local/directadmin/data/users/adminori  /usr/local/directadmin/data/users/adminori2

and do this will of course return 2 users adminori and adminori2 created by root

grep "^creator=root" /usr/local/directadmin/data/users/*/user.conf | cut -d'/' -f7

That was funny.. since this user creation involve in bash script, i simply thought that another second admin would be created by root (what im i thinking :\). I think your previous code is enough and perfect to solve this problem because my main objetive is to just return 1 unique admin created by root and only 1 user in directadmin was created by root. Actually, i did not know the creator=root was inside user.conf, thats why I was struggling to get this. Thanks a lot for your kind reply. I really appreciate it.