The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[Case 80653] Jailed shell and error setting certificate verify locations

Discussion in 'General Discussion' started by greatwitenorth, Feb 28, 2014.

  1. greatwitenorth

    Joined:
    Feb 28, 2014
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I have a user who is in a jailed shell. He's trying to do a git clone to a secure url but is getting this error:

    Code:
    error: error setting certificate verify locations:
      CAfile: /etc/pki/tls/certs/ca-bundle.crt
      CApath: none
    I'm guessing the jailed shell is not allowing access to the file in question. The file does exist and has read permissions for everyone:

    Code:
    # stat /etc/pki/tls/certs/ca-bundle.crt
      File: `/etc/pki/tls/certs/ca-bundle.crt'
      Size: 468638    	Blocks: 928        IO Block: 4096   regular file
    Device: 801h/2049d	Inode: 3851860     Links: 1
    Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
    Access: 2013-03-05 11:26:59.000000000 +0000
    Modify: 2013-03-05 11:26:59.000000000 +0000
    Change: 2013-03-15 21:47:58.000000000 +0000
    Is there a way I can make this file accessible to this user or do I have to change his shell?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Internal case number 80653 was opened to address this issue. The "/etc/pki/tls/certs/ca-bundle.crt" file is accessible from jailshell as of cPanel version 11.42. You could upgrade to version 11.42 of cPanel, or wait for it to hit your build tier and add that path to "/var/cpanel/exim.conf.deps" as a temporary workaround.

    Thank you.
     
Loading...

Share This Page