Child pages
  • The cpuser_port_authority script
For cPanel & WHM version 78


Skip to end of metadata
Go to start of metadata

Overview

The cpuser_port_authority script assigns one or more 5-digit port numbers for a user's exclusive use. These five-digit port numbers use the range of 10000 to 65535. They exclude any ephemeral ports and passive ports. 

Important:

  • You must possess root user access to use this script.
  • You must use iptables to enforce port ownership. If you use firewalld, the system does not currently enforce port ownership.

The /usr/local/cpanel/scripts/cpuser_port_authority script

To use this script, run the following command on the command line as the root user:

/usr/local/cpanel/scripts/cpuser_port_authority [argument] [options]

Arguments

The /usr/local/cpanel/scripts/cpuser_port_authority script accepts the following arguments:

Note:

  • This script saves port assignments to the /etc/cpanel/cpuser_port_authority.json file.
  • In the following table, user represents a username, amount represents the number of ports, port-number represents a specific five-digit port number, and my_app represents an application.


ArgumentDescriptionExample

give [user] [amount] [--service=my_app]

Note:

The --service option assigns the requested port numbers to a specific service.

Assign a user one or more ports.


/usr/local/cpanel/scripts/cpuser_port_authority give exampleuser 3 --service=store

take [user] [port-number]

Note:

You can pass the  port-number  multiple times to remove several ports numbers.

Remove a port from a user's assignments.

Note:

If you attempt to remove a port that does not belong to the specified user, then the function will fail.

/usr/local/cpanel/scripts/cpuser_port_authority take exampleuser 12345
fw

Update the firewall rules to match port assignments and restart the firewall.

/usr/local/cpanel/scripts/cpuser_port_authority fw
list [user]Display the ports assigned to a user.
/usr/local/cpanel/scripts/cpuser_port_authority list exampleuser
user remove [user]Remove a user's assigned ports.
/usr/local/cpanel/scripts/cpuser_port_authority user remove exampleuser
user change [olduser] [newuser]Change the ownership of one user's ports to another user.
/usr/local/cpanel/scripts/cpuser_port_authority user change exampleuser currentuser
hint [argument]

Display the abbreviated help information.

Note:

The argument is optional. If you specify an argument, only that argument's abbreviated help information will display.

/usr/local/cpanel/scripts/cpuser_port_authority hint list
help [argument]

Display the script's help information.

Note:

The  argument  is optional.  If you specify an argument, only that argument's help information will display.

/usr/local/cpanel/scripts/cpuser_port_authority help list

Additional documentation