The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CAP_SYS_ADMIN in chroot denied ?

Discussion in 'Security' started by globcom, Jul 1, 2013.

  1. globcom

    globcom Active Member

    Joined:
    May 24, 2008
    Messages:
    43
    Likes Received:
    1
    Trophy Points:
    8
    Hello,

    on a centos 6.4 and WHM 11.38.0
    in var/log/messages
    I have this :


    Code:
    kernel: grsec: use of CAP_SYS_ADMIN in chroot denied for /usr/local/cpanel/bin/jailshell[jailshell:29842] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/crond[crond:29840] uid/euid:539/0 gid/egid:538/538
    I don't understand this log ?

    Could you help me ?

    Thx,
    Eric
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    This is a feature of the custom GRSec kernel you are running. You can find more information on "CAP_SYS_ADMIN" on the following GRSec forum thread:

    False Boundaries and Arbitrary Code Execution

    In this particular case, it's related to jailshell. You can find more information on jailshell in cPanel 11.38 at:

    VirtFS - JailShell

    As of 11.38, in a jailshell, all filesystems are mounted with the nosuid option by default. The nosuid option blocks the operation of setuid and setgid commands, such as crontab and ping.

    Thank you.
     
  3. globcom

    globcom Active Member

    Joined:
    May 24, 2008
    Messages:
    43
    Likes Received:
    1
    Trophy Points:
    8
    Thank You Michael :)

    I understand now.

    Eric
     
Loading...
Similar Threads - CAP_SYS_ADMIN chroot denied
  1. mbressman
    Replies:
    3
    Views:
    1,578

Share This Page