SOLVED CPANEL-35592 - Jailed shell users can't access manual pages.

[RonanRBR]

When a jailed shell user try access a man page, like:

$ man ls
man: can't open the manpath configuration file /etc/man_db.conf

I don't think this is a problem with permissions:

$ ls -la /etc/man_db.conf
-rw-r--r-- 1 root root 5.1K Oct 30  2018 man_db.conf

I can't figure out why an jailed shell user can't access manual pages.

 

[cPJustinD]

Hey there! Thank you for bringing this to our attention. It appears that jailed shell users are unable to access the manual pages as /etc/man_db.conf is not included in the default VirtFS configuration. We've filed an internal case regarding this issue with our development team, CPANEL-35592. You can find updates regarding this case in our changelogs:

Change Logs | cPanel & WHM Documentation

docs.cpanel.net

Let us know if you have any other questions!

 

[RonanRBR]

It's possible I make changes on this VirtFS configuration? Because maybe I can put another files on this configurations, like /etc/nanorc, or another global file configurations to jailed users.

 

[cPJustinD]

It is possible to make changes to the VirtFS configuration, although this would require the use of custom jailed shell mounts. We do have some documentation on setting up custom jailed shell mounts here:

How to Create Custom Jailed Shell Mounts | cPanel & WHM Documentation

When you create a custom jailed shell mount, you can allow users of jailed shells to access additional directories on the server.

docs.cpanel.net

However, in order to utilize these mounts to specify specific configuration files, you will want to work with your system administrator to determine the best method of adding in these configurations.

I hope that this helps. Let us know if you have any other questions. I would also recommend commenting on the following feature request once it becomes available:

Add custom files to jailshell and not just custom mounts

As a Server Administrator, I want to add custom files to jailshell and not just custom mounts, so that users can access files outside of their jailshell.

features.cpanel.net

 

[RonanRBR]

It is possible to make changes to the VirtFS configuration, although this would require the use of custom jailed shell mounts. We do have some documentation on setting up custom jailed shell mounts here:

How to Create Custom Jailed Shell Mounts | cPanel & WHM Documentation

When you create a custom jailed shell mount, you can allow users of jailed shells to access additional directories on the server.

docs.cpanel.net

However, in order to utilize these mounts to specify specific configuration files, you will want to work with your system administrator to determine the best method of adding in these configurations.

I hope that this helps. Let us know if you have any other questions. I would also recommend commenting on the following feature request once it becomes available:

Add custom files to jailshell and not just custom mounts

As a Server Administrator, I want to add custom files to jailshell and not just custom mounts, so that users can access files outside of their jailshell.

features.cpanel.net

Thank you, I already voted on this feature request.

I had also seen the custom moint points, thanks, but like already said on comment: create a custom mount point just for add some global configuration files on /etc, like: nanorc, toprc, or another unimportant but useful configuration file it's the worst kind "work around" solution.
I'll try await for this feature =)

 

[cPRex]

The issue with the man pages has been resolved and will be included as part of cPanel version 94 :D

 

[gravitco]

It still exists or has reappeared in version 100, or at least I have a web hosting account with SSH Access using jail shell and I don't have "man".

 

[cPanelAnthony]

It still exists or has reappeared in version 100, or at least I have a web hosting account with SSH Access using jail shell and I don't have "man".

Can you confirm the exact steps necessary to replicate this issue? I put my cPanel user in a jailed shell on version 100, then attempted to run the "man" command. It seems to work just fine for me.