{kb-symptom}
By default, when enabling Control Panel integration, the CDP Agent will grant access to all Control Panel users. Many people have been asking how they can limit access to only certain users (i.e. paying customers). The solution listed below will limit access to backup for only specified users.
{kb-resolution}
1. The first thing you need to do is to create a text file with valid control panel user accounts that you want to grant access. You can name this file {color:blue}/etc/r1user{color}:
\\
{code}
[root@plesk ~]# cat /etc/r1user
neo
trinity
{code}
2. Next, you need to edit the appropriate authentication script located in {color:blue}/usr/sbin/r1soft/lib/controlpanel{color} (authentication scripts end with {color:blue}auth.pl{color}):
{code}
[root@plesk ~]# ls -l /usr/sbin/r1soft/lib/controlpanel
-rw-r--r-- 1 root root 1806 Apr 13 17:46 BuagentAuth.pm
-rwxr-xr-x 1 root root 1030 Apr 13 17:46 cpanel-auth.pl
-rwxr-xr-x 1 root root 966 Apr 13 17:46 cpanel-listusers.pl
-rwxr-xr-x 1 root root 3138 May 30 14:24 plesk-auth.pl
-rwxr-xr-x 1 root root 2676 Apr 13 17:46 plesk-listusers.pl
-rwxr-xr-x 1 root root 930 Apr 13 17:46 virtuozzo-listusers.sh
{code}
3. Next, create an array and load the text file ({color:blue}/etc/r1user{color}) you just created into the array:
Code:
\\
{code}
my @userdb;
open(USERDB, '/etc/r1user') or die "Couldn't open location file: $!";
@userdb = <USERDB>;
{code}
4. Next, you need to create a variable which reflects the r1users privilege to access backups ({color:blue}$r1user_ref{color}) and use a 'foreach' loop to check whether the $user is in the array.
Code:
\\
\\
{code}
my $r1user_ref = 0;
my $t;
foreach $t (@userdb){
if ($t =~ $user) {
$r1user_ref = 1;
}
}
{code}
5. If the {color:blue}$user account{color} is in the {color:blue}@userdb{color} array, then {color:blue}$r1user_ref{color} is set to "1."
The last thing is to put all this code together and insert it into the appropriate place of the authentication script. For {color:blue}pleask-auth.pl{color} the changes should look like this:
Before:
{code}
my $user = <>;
chomp($user);
my $pass = <>;
chomp($pass);
my $auth_ref = BuagentAuth::auth($user, $pass);
print "auth_ok:" . $auth_ref->{auth_ok} . "\n";
if ($auth_ref->{auth_ok} == 0) { exit; }
{code}
!cp-users.png!
After:
{code}
my $user = <>;
chomp($user);
my $pass = <>;
chomp($pass);
my @userdb;
open(USERDB, '/etc/r1user') or die "Couldn't open location file: $!";
@userdb = <USERDB>;
my $r1user_ref = 0;
my $t;
foreach $t (@userdb){
if ($t =~ $user) {
$r1user_ref = 1;
}
}
if ($r1user_ref != 1) {
print "auth_ok:0\n";
exit;
}
my $auth_ref = BuagentAuth::auth($user, $pass);
print "auth_ok:" . $auth_ref->{auth_ok} . "\n";
if ($auth_ref->{auth_ok} == 0) { exit; }
{code}
!cp-users1.png!
If the user account is in {color:blue}/etc/r1user{color}, the specified user will have access to their backups. If not, they will be denied access to CDP Web Interface.
\\
\\
\\
{kb-related-articles}
By default, when enabling Control Panel integration, the CDP Agent will grant access to all Control Panel users. Many people have been asking how they can limit access to only certain users (i.e. paying customers). The solution listed below will limit access to backup for only specified users.
{kb-resolution}
1. The first thing you need to do is to create a text file with valid control panel user accounts that you want to grant access. You can name this file {color:blue}/etc/r1user{color}:
\\
{code}
[root@plesk ~]# cat /etc/r1user
neo
trinity
{code}
2. Next, you need to edit the appropriate authentication script located in {color:blue}/usr/sbin/r1soft/lib/controlpanel{color} (authentication scripts end with {color:blue}auth.pl{color}):
{code}
[root@plesk ~]# ls -l /usr/sbin/r1soft/lib/controlpanel
-rw-r--r-- 1 root root 1806 Apr 13 17:46 BuagentAuth.pm
-rwxr-xr-x 1 root root 1030 Apr 13 17:46 cpanel-auth.pl
-rwxr-xr-x 1 root root 966 Apr 13 17:46 cpanel-listusers.pl
-rwxr-xr-x 1 root root 3138 May 30 14:24 plesk-auth.pl
-rwxr-xr-x 1 root root 2676 Apr 13 17:46 plesk-listusers.pl
-rwxr-xr-x 1 root root 930 Apr 13 17:46 virtuozzo-listusers.sh
{code}
3. Next, create an array and load the text file ({color:blue}/etc/r1user{color}) you just created into the array:
Code:
\\
{code}
my @userdb;
open(USERDB, '/etc/r1user') or die "Couldn't open location file: $!";
@userdb = <USERDB>;
{code}
4. Next, you need to create a variable which reflects the r1users privilege to access backups ({color:blue}$r1user_ref{color}) and use a 'foreach' loop to check whether the $user is in the array.
Code:
\\
\\
{code}
my $r1user_ref = 0;
my $t;
foreach $t (@userdb){
if ($t =~ $user) {
$r1user_ref = 1;
}
}
{code}
5. If the {color:blue}$user account{color} is in the {color:blue}@userdb{color} array, then {color:blue}$r1user_ref{color} is set to "1."
The last thing is to put all this code together and insert it into the appropriate place of the authentication script. For {color:blue}pleask-auth.pl{color} the changes should look like this:
Before:
{code}
my $user = <>;
chomp($user);
my $pass = <>;
chomp($pass);
my $auth_ref = BuagentAuth::auth($user, $pass);
print "auth_ok:" . $auth_ref->{auth_ok} . "\n";
if ($auth_ref->{auth_ok} == 0) { exit; }
{code}
!cp-users.png!
After:
{code}
my $user = <>;
chomp($user);
my $pass = <>;
chomp($pass);
my @userdb;
open(USERDB, '/etc/r1user') or die "Couldn't open location file: $!";
@userdb = <USERDB>;
my $r1user_ref = 0;
my $t;
foreach $t (@userdb){
if ($t =~ $user) {
$r1user_ref = 1;
}
}
if ($r1user_ref != 1) {
print "auth_ok:0\n";
exit;
}
my $auth_ref = BuagentAuth::auth($user, $pass);
print "auth_ok:" . $auth_ref->{auth_ok} . "\n";
if ($auth_ref->{auth_ok} == 0) { exit; }
{code}
!cp-users1.png!
If the user account is in {color:blue}/etc/r1user{color}, the specified user will have access to their backups. If not, they will be denied access to CDP Web Interface.
\\
\\
\\
{kb-related-articles}