How to disable jailshell completely and get rid of virtfs folder

Kent Brockman

Well-Known Member
PartnerNOC
Jan 20, 2008
1,249
50
178
Buenos Aires, Argentina
cPanel Access Level
Root Administrator
Hello friends.
I have one VPS where the virtfs folder is using 10 GB... and it's a PITA. I don't want to expand the server if I can delete all that files.

I readed a lot and followed instructions from here:
here:
and more importantly from here:

And continuing from this last thread link, I have to ask for the last and unanswered question:
Is it safe to remove the virtfs directory after getting it u-mounted?

I think I unmounted every account correctly:
Code:
# cat /proc/mounts
/dev/simfs / simfs rw,relatime,usrquota,grpquota 0 0
proc /proc proc rw,relatime 0 0
sysfs /sys sysfs rw,relatime 0 0
none /dev tmpfs rw,relatime 0 0
none /dev/pts devpts rw,relatime 0 0
none /proc/sys/fs/binfmt_misc binfmt_misc rw,relatime 0 0
Now that there are no mounts mentioning anything on /home/virtfs, can I delete this folder safely?
Should I verify anything else to be completely sure it is safe to delete?


BTW:
Code:
root [/home/virtfs]# du -s -c -h
3.1M	.
3.1M	total
But the free disk space reported is roughly the same and low than before unmount the folders.

And if I open, i.e., /home/virtfs/*username*/etc/security I see a bunch of .conf files.


Help please!
(And thanks in advance!)


UPDATE:
After a couple hours, I rechecked the status of free disk space and I see again the old mount point at /home/virtfs/username/home/username

What's going on? Why is it coming again?
I run again this command:
Code:
for i in `cat /proc/mounts|awk '/virtfs/ {print $2}'`; do umount $i;done
and everything went back to normal, but still the /home/virtfs/username files are there.
I forceful rebooted the VPS. The mount point is now "/" as it should always be.
I will keep an eye on it to see if it stay that way or the /virtfs come back to action.

Maybe some cron job is rebuilding the mount every N seconds??
Code:
root [/home/virtfs]# crontab -l
0 6 * * * /usr/local/cpanel/scripts/exim_tidydb > /dev/null 2>&1
30 5 * * * /usr/local/cpanel/scripts/optimize_eximstats > /dev/null 2>&1
35 * * * * /usr/bin/test -x /usr/local/cpanel/bin/tail-check && /usr/local/cpanel/bin/tail-check
45 */4 * * * /usr/bin/test -x /usr/local/cpanel/scripts/update_mailman_cache && /usr/local/cpanel/scripts/update_mailman_cache
30 */4 * * * /usr/bin/test -x /usr/local/cpanel/scripts/update_db_cache && /usr/local/cpanel/scripts/update_db_cache
45 */8 * * * /usr/bin/test -x /usr/local/cpanel/bin/optimizefs && /usr/local/cpanel/bin/optimizefs
30 */2 * * * /usr/local/cpanel/bin/mysqluserstore >/dev/null 2>&1
15 */2 * * * /usr/local/cpanel/bin/dbindex >/dev/null 2>&1
15 */6 * * * /usr/local/cpanel/scripts/autorepair recoverymgmt >/dev/null 2>&1
*/5 * * * * /usr/local/cpanel/bin/dcpumon >/dev/null 2>&1
6 4 * * * /usr/local/cpanel/whostmgr/docroot/cgi/cpaddons_report.pl --notify
12,27,42,57 * * * * /usr/local/cpanel/whostmgr/bin/dnsqueue > /dev/null 2>&1
7 0 * * * /usr/local/cpanel/scripts/upcp --cron
59 4 * * * mysqlcheck --optimize --all-databases; /MARCELO/mysqltuner.pl
11 5 * * * updatedb >/dev/null 2>&1

12 2 * * 0 /usr/local/cpanel/bin/cloudflare_update.sh >/dev/null 2>&1
30 6 * * * /usr/local/cpanel/bin/backup
0 1 * * * /usr/local/cpanel/scripts/cpbackup
38 4 * * * /usr/local/cpanel/3rdparty/bin/freshclam --quiet --no-warnings
2,58 * * * * /usr/local/bandmin/bandmin
0 0 * * * /usr/local/bandmin/ipaddrmap
 
Last edited:

ThinIce

Well-Known Member
Apr 27, 2006
352
9
168
Disillusioned in England
cPanel Access Level
Root Administrator
I'm sure one of the cPanel chaps will be along soon, but I'm relatively sure that you can't disable it these days, things like user cron are run in the jail now.

VirtFS (Jailed Shell)

PICK Important: In cPanel & WHM Version 11.38, updates to the jailed shell system were added to improve security. As a result, it is not possible to completely remove the jailed shell system.

ALERT! Warning: The directions below will remove a jailed shell, but cannot prevent the recreation of the jailed environment. Examples of processes that recreate the jailed environment include:

Exim processing filters
Piped e-mail addresses
Cron tasks
Jailed Apache Virtual Hosts that use mod_ruid2 via the applicable Tweak Setting option.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

You would have to grant full shell access to the account in order to prevent the account from using a jailed shell environment for things like cron jobs or Exim filters. However, to note, I believe you are not interpreting the disk space it uses correctly. A bind mount is a transparent link between two places on the file system. For example, if a user views the contents of /home/virtfs/username/usr/bin, the user actually sees the contents of /usr/bin. Thus, the /home/virtfs/$user directory itself is not actually using up any additional space than already exists. Data is not actually duplicated.

Thank you.
 

Kent Brockman

Well-Known Member
PartnerNOC
Jan 20, 2008
1,249
50
178
Buenos Aires, Argentina
cPanel Access Level
Root Administrator
Hello Michael. Ok, so, that's why before u-mounting, the disk space used by virtfs was 10 GB, and now is barely 3 MB, and although the free disk space reported in System Health »Show Current Disk Usage is the same before and after, that's because of hard links?

Nevertheless, I NEVER give shell access to no customer, but virtfs is showing two of them, with no shell access granted. This may happened why? if they set a crontask? I have lots of users here and in the other VPS using cron tasks and not being pushed into virtfs.

Exim processing filters? I do use filters in other servers and virtfs is empty, zero bytes long.

Jailed shell? mod_ruid2? We don't use that, now nor never before. Since it's a small shared hosting, I don't feel like users connecting via SSH, ever.

Piped e-mail addresses? if you mean email redirection piped to any system command, never used that.


So, I guess I have to live with that, and those folders using 3 MB turn out to be the best scenario I can hope? What if I delete the 2 accounts and then recreate it from a fresh backup? That won't delete the user's folders inside virtfs?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Ok, so, that's why before u-mounting, the disk space used by virtfs was 10 GB, and now is barely 3 MB, and although the free disk space reported in System Health »Show Current Disk Usage is the same before and after, that's because of hard links?
No, the disk space you are seeing is not actually used in the virtfs directory. You are actually seeing the disk space used by the directories linked to. When you umounted the virtfs directory it removed those links, so that's why you see less space reported.

Nevertheless, I NEVER give shell access to no customer, but virtfs is showing two of them, with no shell access granted. This may happened why? if they set a crontask? I have lots of users here and in the other VPS using cron tasks and not being pushed into virtfs.
I believe you are unnecessarily viewing the virtfs directory with a negative connotation due the incorrect assumption that it's taking up more disk space. It's not actually utilizing additional space, it just seems that way due to how the links to other directories are utilized. Check the sections related to cPanel 11.38 and 11.40 on the following document to get a better idea of why virtfs is utilized for accounts.

VirtFS (Jailed Shell)

It's by design that it's utilized with jailed shell or no shell. It's setup this way to increase security.

Thank you.
 

Kent Brockman

Well-Known Member
PartnerNOC
Jan 20, 2008
1,249
50
178
Buenos Aires, Argentina
cPanel Access Level
Root Administrator
Yes, I did readed that doc. I now understand the hardlink thing. What I dont understand and puzzles me it's why I'm not seeing such folders and "virtual" usage in my other VPS. All of them have the same OS and cPanel versions...
 

Kent Brockman

Well-Known Member
PartnerNOC
Jan 20, 2008
1,249
50
178
Buenos Aires, Argentina
cPanel Access Level
Root Administrator
Now I see, there is a cron task set for that account and everytime it runs, the virtfs is mounted.

The thing I dont understand, and I think it could be weird/bad/incorrect, is that the main disk mount point was permanently set to be
Code:
/home/virtfs/*username*/home/*username*
In other VPS I see that is set to "/"
Can you explain why this happens and if it is expected to be so?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
The thing I dont understand, and I think it could be weird/bad/incorrect, is that the main disk mount point was permanently set to be
Code:
/home/virtfs/*username*/home/*username*
Could you elaborate on this? For instance, what do you mean by the main disk mount point?

Thank you.
 

Kent Brockman

Well-Known Member
PartnerNOC
Jan 20, 2008
1,249
50
178
Buenos Aires, Argentina
cPanel Access Level
Root Administrator
Maybe I named incorrectly.
No I fixed it by unmounting and deleting the cron tasks, as they belong to an old account of mine.

Below, where you now see Mount Point = "/", before u-mounting the virtfs folders, it used to say "/home/virtfs/*username*/home/*username*"
https://www.dropbox.com/s/7p7rilgpww3aims/diskusage.jpg

Why was that?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Below, where you now see Mount Point = "/", before u-mounting the virtfs folders, it used to say "/home/virtfs/*username*/home/*username*"
https://www.dropbox.com/s/7p7rilgpww3aims/diskusage.jpg
Why was that?
Let us know if you experience that issue with the Disk Usage report in WHM again or are able to reproduce it. It's a separate issue to your original post on this thread. You can open a support ticket to report it and let us know the ticket number here if it happens again.

Thank you.