Ok, everything is fixed now. I spoke with the VPS providers;
The jailed shell was removed from the webdev user (and the webmaster
user?) and they reset the password. I logged into ssh as the webdev
user to change the password and they told me off for trying and said I
must do it through WHM/cPanel. I suspect there is some crazy
arrangement here I don't know about and there is some link between
those two accounts. When I tried (apparently wrongly) to change the
webdev users password I still got "passwd: Authentication token
manipulation error" but they said to leave it alone?!
I'm just glad its over, thanks everyone for your support
There are 10 kinds of people in the world; Those who understand
Vigesimal, and J others...?
CentOS mailing list