cPanel Removal

It's a poorly-kept secret that cPanel wants to prevent Server owners and/or administrators from being able to purge their systems from the rootkit-like software.  While they've recently made a change claiming to focus on support for primarily rpm-based Linux distributions, i.e. mainly Red Hat and CentOS; cPanel software breaks almost EVERYTHING RHEL/rpm-related on the system!

Their use of binary packages and perl scripts along with choosing to disable SELinux completely puts this outdated and soon-to-be obsolete software in direct conflict with anything Linux! I wish they had switched to support Windows instead.

In any case, here's yet another blog post online outlining the procedure attempting to, relatively cleanly, remove cPanel from a VPS running CentOS 7 in a Virtuozzo container.
yum list \*cpanel\*
yum remove \*cpanel\*

Remove the line in /etc/yum.conf starting with "exclude".
# cat /etc/yum.conf 
[main]
#; exclude=courier* dovecot* exim* filesystem httpd* mod_ssl* mydns* mysql* nsd* php* proftpd* pure-ftpd* spamassassin* squirrelmail*
tolerant=1
errorlevel=1
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=5
bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum
distroverpkg=centos-release
Then execute:
yum clean all; yum check-update; yum upgrade

You might have to add "--skip-broken" to yum when installing packages that replace the cPanel-provided software; e.g. perl packages, php, httpd.

Install the "epel-release" package, which installs/enables the "epel" software repository on CentOS 7.
yum install epel-release
yum repolist all
yum-config-manager --enable epel
yum-config-manager --enable epel-testing
yum clean all; yum check-update; yum upgrade -y --skip-broken

As per this Answer on ask.fedoraproject.org, "firewalld" does not work correctly in a virtuozzo/openVZ container! Therefore, you might be better suited installing the "iptables" packages:
yum install iptable\*



Check the /etc Directory

The cpanel-related systemd services are placed in the /etc/systemd/system/ directory. They're also linked to the "/etc/systemd/system/multi-user.target.wants/" directory when enabled. Therefore, you might have to disable them first before you remove the ".service" files.
systemctl disable cpanel.service
systemctl disable cpanel...
Then remove the service files, assuming no other service files are placed there by you
rm /etc/systemd/system/*.service
Take heed of hidden cron jobs in the usual locations, i.e.

  • /etc/cron.d/
  • /etc/cron.daily/
  • /etc/cron.hourly/
  • /etc/cron.weekly/
  • root user's crontab:  # crontab -e
  • /var/spool/cron/$USER
Additionally, your hosting provider might have their internal software packages installed as well as a way to facilitate the cPanel installation in their specific environment/setup.


cat /etc/prelink.conf.d/cpanel.conf                                                                                                                                                                                                          
-l /usr/local/cpanel/perl


Check the /etc/bashrc file for cPanel-related directories:

16 # whoami=`whoami`
17 # if [ -e "~/.dns" ]; then
18 #    DNS=`cat ~/.dns`
19 #    PS1="\u@$DNS [\w]# "
20 # else
21 #    if [ -e "/var/cpanel/users/$whoami" ]; then
22 #        eval `grep DNS= /var/cpanel/users/$whoami`
23 # 
24 #            if [ ! "$DNS" = "" ]; then
25 #                echo -n "$DNS" > ~/.dns
26 #                PS1="\u@$DNS [\w]# "
27 #            fi
28 #    fi
29 # fi



unlink /etc/httpd/apache
unlink /etc/httpd/logs
rm -rf /usr/local/apache
rm -rf /usr/local/cpanel
rm -rf /var/cpanel
rm /etc/user*
rm /etc/www*
rm -rf /var/softaculous
The main issue comes from the virtfs "jail shell" that cPanel utilizes for every user in the /home directory; along with the following users:
grep -i cpanel /etc/passwd
cpanel:x:201:201::/var/cpanel/userhomes/cpanel:/usr/local/cpanel/bin/noshell
cpanelphpmyadmin:x:202:202::/var/cpanel/userhomes/cpanelphpmyadmin:/usr/local/cpanel/bin/noshell
cpanelphppgadmin:x:203:203::/var/cpanel/userhomes/cpanelphppgadmin:/usr/local/cpanel/bin/noshell
cpanelroundcube:x:204:204::/var/cpanel/userhomes/cpanelroundcube:/usr/local/cpanel/bin/noshell
cpanelrrdtool:x:205:205::/var/cpanel/userhomes/cpanelrrdtool:/usr/local/cpanel/bin/noshell
mailman:x:206:206::/usr/local/cpanel/3rdparty/mailman/mailman:/usr/local/cpanel/bin/noshell
cpanellogin:x:997:994::/var/cpanel/userhomes/cpanellogin:/usr/local/cpanel/bin/noshell
cpaneleximfilter:x:996:993::/var/cpanel/userhomes/cpaneleximfilter:/usr/local/cpanel/bin/noshell
cpaneleximscanner:x:995:992::/var/cpanel/userhomes/cpaneleximscanner:/usr/local/cpanel/bin/noshell
cpanelconnecttrack:x:994:991::/var/cpanel/userhomes/cpanelconnecttrack:/usr/local/cpanel/bin/noshell
cpses:x:993:990::/var/cpanel/cpses:/sbin/nologin

First, change the login shell for the users in the "home" subdirectories:
usermod -s /bin/bash 
Then, change the login shell for each additional user you wish to keep and delete the other irrelevant users.
userdel cpanel
userdel cpanellogin
...
Additionally, the "virtfs" directory is present in the /etc/mtab file. Therefore, the relevant lines should me commented out or delted.
cat /etc/mtab
/dev/vzfs / reiserfs rw,usrquota,grpquota 0 0
# /dev/vzfs /home/virtfs/schuler/usr vzfs ro,nosuid,relatime,usrquota,grpquota 0 0
# /dev/vzfs /home/virtfs/schuler/usr/backup/cpainl-resid/cpanel/3rdparty/mailman vzfs ro,relatime,usrquota,grpquota 0 0
#/dev/vzfs /home/virtfs/schuler/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/logs vzfs rw,noatime,relatime,usrquota,grpquota 0 0
#/dev/vzfs /home/virtfs/schuler/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/lists vzfs rw,noatime,relatime,usrquota,grpquota 0 0
#/dev/vzfs /home/virtfs/schuler/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/locks vzfs rw,noatime,relatime,usrquota,grpquota 0 0
#/dev/vzfs /home/virtfs/schuler/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/qfiles vzfs rw,noatime,relatime,usrquota,grpquota 0 0
#/dev/vzfs /home/virtfs/amel/usr vzfs ro,nosuid,relatime,usrquota,grpquota 0 0
#/dev/vzfs /home/virtfs/amel/usr/backup/cpainl-resid/cpanel/3rdparty/mailman vzfs ro,relatime,usrquota,grpquota 0 0
#/dev/vzfs /home/virtfs/amel/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/logs vzfs rw,noatime,relatime,usrquota,grpquota 0 0
#/dev/vzfs /home/virtfs/amel/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/lists vzfs rw,noatime,relatime,usrquota,grpquota 0 0
#/dev/vzfs /home/virtfs/amel/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/locks vzfs rw,noatime,relatime,usrquota,grpquota 0 0
#/dev/vzfs /home/virtfs/amel/usr/backup/cpainl-resid/cpanel/3rdparty/mailman/qfiles vzfs rw,noatime,relatime,usrquota,grpquota 0 0
proc /proc proc rw,relatime 0 0
sysfs /sys sysfs rw,relatime 0 0
...
Better, yet; simply delete the /etc/mtab file and it will be recreated during the next boot. However, before the reboot, make sure to unmount all "bind" directories:
# for i in `cat /proc/mounts | grep /home/virtfs | cut -d' ' -f 2` ; do umount -l -R $i ; done
Then, check to make sure /home/virtfs/ sub-directories are empty (**unmounted**!!) before deleting them.
rmdir /home/virtfs/user1adfal/usr/lib
rmdir /home/virtfs/user1adfal/usr
rmdir /home/virtfs/user1adfal
rmdir /home/virtfs

See Also:

Popular posts from this blog

Password Policy in RHEL 7

Centos 7 pulseaudio

Password Aging and Authentication in RHEL7