cPanel Removal
It's a poorly-kept secret that cPanel wants to prevent Server owners and/or administrators from being able to purge their systems from the rootkit-like software. While they've recently made a change claiming to focus on support for primarily rpm-based Linux distributions, i.e. mainly Red Hat and CentOS; cPanel software breaks almost EVERYTHING RHEL/rpm-related on the system!
Their use of binary packages and perl scripts along with choosing to disable SELinux completely puts this outdated and soon-to-be obsolete software in direct conflict with anything Linux! I wish they had switched to support Windows instead.
In any case, here's yet another blog post online outlining the procedure attempting to, relatively cleanly, remove cPanel from a VPS running CentOS 7 in a Virtuozzo container.
Their use of binary packages and perl scripts along with choosing to disable SELinux completely puts this outdated and soon-to-be obsolete software in direct conflict with anything Linux! I wish they had switched to support Windows instead.
In any case, here's yet another blog post online outlining the procedure attempting to, relatively cleanly, remove cPanel from a VPS running CentOS 7 in a Virtuozzo container.
yum list \*cpanel\* yum remove \*cpanel\*
Remove the line in /etc/yum.conf starting with "exclude".
# cat /etc/yum.conf [main] #; exclude=courier* dovecot* exim* filesystem httpd* mod_ssl* mydns* mysql* nsd* php* proftpd* pure-ftpd* spamassassin* squirrelmail* tolerant=1 errorlevel=1 cachedir=/var/cache/yum/$basearch/$releasever keepcache=0 debuglevel=2 logfile=/var/log/yum.log exactarch=1 obsoletes=1 gpgcheck=1 plugins=1 installonly_limit=5 bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum distroverpkg=centos-releaseThen execute:
yum clean all; yum check-update; yum upgrade
You might have to add "--skip-broken" to yum when installing packages that replace the cPanel-provided software; e.g. perl packages, php, httpd.
Install the "epel-release" package, which installs/enables the "epel" software repository on CentOS 7.
yum install epel-release yum repolist all yum-config-manager --enable epel yum-config-manager --enable epel-testing yum clean all; yum check-update; yum upgrade -y --skip-broken
As per this Answer on ask.fedoraproject.org, "firewalld" does not work correctly in a virtuozzo/openVZ container! Therefore, you might be better suited installing the "iptables" packages:
yum install iptable\*
Check the /etc Directory
The cpanel-related systemd services are placed in the /etc/systemd/system/ directory. They're also linked to the "/etc/systemd/system/multi-user.target.wants/" directory when enabled. Therefore, you might have to disable them first before you remove the ".service" files.systemctl disable cpanel.service systemctl disable cpanel...Then remove the service files, assuming no other service files are placed there by you
rm /etc/systemd/system/*.serviceTake heed of hidden cron jobs in the usual locations, i.e.
- /etc/cron.d/
- /etc/cron.daily/
- /etc/cron.hourly/
- /etc/cron.weekly/
- root user's crontab: # crontab -e
- /var/spool/cron/$USER
cat /etc/prelink.conf.d/cpanel.conf -l /usr/local/cpanel/perl
Check the /etc/bashrc file for cPanel-related directories:
16 # whoami=`whoami` 17 # if [ -e "~/.dns" ]; then 18 # DNS=`cat ~/.dns` 19 # PS1="\u@$DNS [\w]# " 20 # else 21 # if [ -e "/var/cpanel/users/$whoami" ]; then 22 # eval `grep DNS= /var/cpanel/users/$whoami` 23 # 24 # if [ ! "$DNS" = "" ]; then 25 # echo -n "$DNS" > ~/.dns 26 # PS1="\u@$DNS [\w]# " 27 # fi 28 # fi 29 # fi
unlink /etc/httpd/apache unlink /etc/httpd/logs rm -rf /usr/local/apache rm -rf /usr/local/cpanel rm -rf /var/cpanel rm /etc/user* rm /etc/www* rm -rf /var/softaculousThe main issue comes from the virtfs "jail shell" that cPanel utilizes for every user in the /home directory; along with the following users:
grep -i cpanel /etc/passwd cpanel:x:201:201::/var/cpanel/userhomes/cpanel:/usr/local/cpanel/bin/noshell cpanelphpmyadmin:x:202:202::/var/cpanel/userhomes/cpanelphpmyadmin:/usr/local/cpanel/bin/noshell cpanelphppgadmin:x:203:203::/var/cpanel/userhomes/cpanelphppgadmin:/usr/local/cpanel/bin/noshell cpanelroundcube:x:204:204::/var/cpanel/userhomes/cpanelroundcube:/usr/local/cpanel/bin/noshell cpanelrrdtool:x:205:205::/var/cpanel/userhomes/cpanelrrdtool:/usr/local/cpanel/bin/noshell mailman:x:206:206::/usr/local/cpanel/3rdparty/mailman/mailman:/usr/local/cpanel/bin/noshell cpanellogin:x:997:994::/var/cpanel/userhomes/cpanellogin:/usr/local/cpanel/bin/noshell cpaneleximfilter:x:996:993::/var/cpanel/userhomes/cpaneleximfilter:/usr/local/cpanel/bin/noshell cpaneleximscanner:x:995:992::/var/cpanel/userhomes/cpaneleximscanner:/usr/local/cpanel/bin/noshell cpanelconnecttrack:x:994:991::/var/cpanel/userhomes/cpanelconnecttrack:/usr/local/cpanel/bin/noshell cpses:x:993:990::/var/cpanel/cpses:/sbin/nologin
First, change the login shell for the users in the "home" subdirectories:
usermod -s /bin/bashThen, change the login shell for each additional user you wish to keep and delete the other irrelevant users.
userdel cpanel userdel cpanellogin ...Additionally, the "virtfs" directory is present in the /etc/mtab file. Therefore, the relevant lines should me commented out or delted.
cat /etc/mtab /dev/vzfs / reiserfs rw,usrquota,grpquota 0 0 # /dev/vzfs /home/virtfs/schuler/usr vzfs ro,nosuid,relatime,usrquota,grpquota 0 0 # /dev/vzfs /home/virtfs/schuler/usr/backup/cpainl-resid/cpanel/3rdparty/mailman vzfs ro,relatime,usrquota,grpquota 0 0 #/dev/vzfs /home/virtfs/schuler/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/logs vzfs rw,noatime,relatime,usrquota,grpquota 0 0 #/dev/vzfs /home/virtfs/schuler/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/lists vzfs rw,noatime,relatime,usrquota,grpquota 0 0 #/dev/vzfs /home/virtfs/schuler/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/locks vzfs rw,noatime,relatime,usrquota,grpquota 0 0 #/dev/vzfs /home/virtfs/schuler/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/qfiles vzfs rw,noatime,relatime,usrquota,grpquota 0 0 #/dev/vzfs /home/virtfs/amel/usr vzfs ro,nosuid,relatime,usrquota,grpquota 0 0 #/dev/vzfs /home/virtfs/amel/usr/backup/cpainl-resid/cpanel/3rdparty/mailman vzfs ro,relatime,usrquota,grpquota 0 0 #/dev/vzfs /home/virtfs/amel/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/logs vzfs rw,noatime,relatime,usrquota,grpquota 0 0 #/dev/vzfs /home/virtfs/amel/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/lists vzfs rw,noatime,relatime,usrquota,grpquota 0 0 #/dev/vzfs /home/virtfs/amel/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/locks vzfs rw,noatime,relatime,usrquota,grpquota 0 0 #/dev/vzfs /home/virtfs/amel/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/qfiles vzfs rw,noatime,relatime,usrquota,grpquota 0 0 proc /proc proc rw,relatime 0 0 sysfs /sys sysfs rw,relatime 0 0 ...Better, yet; simply delete the /etc/mtab file and it will be recreated during the next boot. However, before the reboot, make sure to unmount all "bind" directories:
# for i in `cat /proc/mounts | grep /home/virtfs | cut -d' ' -f 2` ; do umount -l -R $i ; doneThen, check to make sure /home/virtfs/ sub-directories are empty (**unmounted**!!) before deleting them.
rmdir /home/virtfs/user1adfal/usr/lib rmdir /home/virtfs/user1adfal/usr rmdir /home/virtfs/user1adfal rmdir /home/virtfs