virtfs

Hello Team, I have a 1Tb server and around 100Gb is used by the virtfs. While checking none of the users are using jailed shell. If I delete the content of the "/home/virtfs1" will remove my contents in users home directory? Thanks in advance.

Very cool with the new terminal feature in cPanel that allows users to use terminal directly from their cPanel account. What really makes me worried, is the fact that users can "cd" all the way up to the root of the server and browse "dev" and "etc" folders and so on.. I believe this is a...

Hello, I have been reading through some articles on virtfs and other posts VirtFS - Jailed Shell - Version 74 Documentation - cPanel Documentation and this post: Dodgy links in virtfs I'm started to understand some, but I was reading that if a file exists in the virtfs path, it will...

Hi we are currently running a security scan and have seen some concerning links... I’m running cpmalscan In virtfs one of the accounts is showing as linking to files in multiple other accounts! Eg /virtfs/accountname/dev/fd/4/anotheraccount/... Linking to mail files, WordPress plugins etc...

Hello, my disk have only 200GB, but when I runfind . -type f -size +500M -exec ls -lh {} \; | awk '{ print $9 "I get:./var/cpanel/sql/eximstats.sql.import: 1.3G ./var/lib/docker/devicemapper/devicemapper/data: 100G ./var/lib/docker/devicemapper/devicemapper/metadata: 2.0G...

Can you confirm whether or not the bin => logrotate will work for the user? I have custom conf for logrotate within their user space.

WHM 64.0 (build 36) All normal users are jailed. Don't want to change that. I run who and awk in a wrapup bash script on user ssh sessions to determine the source IP address of the login. This info is passed to mutt so I'll get an alert whenever a user shells into the server. Have not...

Hi. Recently a user extracted a WP site in a account. In the next day i received LFD warnings "Suspicious File Alert" in /tmp/ folder, removed the folder in question from /tmp and the suspicious folder from the user account. The user did not upload it anymore and did not extracted anything...

When I trying to login trough ssh on any jailshelled user I always get: "Could not exec SHELL: /bin/bash" I browse /home/virtfs, and found that there are some files from root file system, but /bin and /dev for example are empty. I don't know if they should contain anything.

A recent security scan showed that I have infected files in the virtfs folder. As I understand simply removing the files is not an option as any files that are mounted to the file will also be removed and will create an even bigger issue. My server provider recommends a complete rebuild of the...

Hello I would like to understand why these two accounts ( coXXXXXX and desXXXXX ) are creating these mounting points, sample: [Removed - Please Attach Images Directly To Threads] How to remove VirtFS from cPanel (disable and unmount active users) ? IMPORTANT: No Jailshell enabled...

Specific account with ssh access not can see his cron php processes , for example with #htop -u username

Hi, When I log in to FTP or SSH with one of my cpanel users I can access the server root directory. Shouldn't a cpanel account only be able to access /home/[account]? I'm running WHM 58.0 (build 31).

I thought I'd pass along my experience implementing symlink race condition protection because it might help someone else. I'm running CentOs 6.8 on a Virtuozzo VPS with WHM 58 build 24 with EasyApache4. I was using the Event MPM with suPHP and was very happy with it, but after reading the...

Should there be a /home/virtfs/%username% mount for every user? Should this stay persistent? I'm only seeing some of my users have a /home/virtfs/%username% directory. I'm not seeing a rhyme or reason behind this either. Practically all of the users that exist in /home/virtfs don't have...

Yep, I've read the doc. (https://documentation.cpanel.net/pages/viewpage.action?pageId=1507360) None of my accounts are jail enabled. (Home >> Account Functions >> Manage Shell Access) According to the docs all I have to do is umount /home/virtfs/<username>/usr/bin It umounts just fine. All...

Hello, As of roughly about the time our auto cPanel updates completed (now on v.58.0.7), our piped email to our whmcs system (latest v.6.3.1) started failing. [ [email protected] ~># grep 1bQGs2-0002l7-QL /var/log/exim_mainlog 2016-07-21 09:30:47 1bQGs2-0002l7-QL <= [email protected]

Hello, I recently upgraded to 56.0.27 (now I'm upgrading to 56.0.28) and this morning, I get an e-mail saying my user is running outside of the jail shell. It was. I originally thought I wanted that when I set it up but I don't. So, this is where it gets a bit weird. I have two user...

I know that JailShell keeps a user inside their own folder. If a user's folder is on home2, cPanel automatically puts a symlink on home pointing to their folder so that services can always use home and not care where their folder really is. With JailShell, however, it will not allow a user to...