The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to disable jailshell completely and get rid of virtfs folder

Discussion in 'General Discussion' started by Kent Brockman, Jan 23, 2014.

  1. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,130
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello friends.
    I have one VPS where the virtfs folder is using 10 GB... and it's a PITA. I don't want to expand the server if I can delete all that files.

    I readed a lot and followed instructions from here:
    here:
    and more importantly from here:

    And continuing from this last thread link, I have to ask for the last and unanswered question:
    Is it safe to remove the virtfs directory after getting it u-mounted?

    I think I unmounted every account correctly:
    Code:
    # cat /proc/mounts
    /dev/simfs / simfs rw,relatime,usrquota,grpquota 0 0
    proc /proc proc rw,relatime 0 0
    sysfs /sys sysfs rw,relatime 0 0
    none /dev tmpfs rw,relatime 0 0
    none /dev/pts devpts rw,relatime 0 0
    none /proc/sys/fs/binfmt_misc binfmt_misc rw,relatime 0 0
    Now that there are no mounts mentioning anything on /home/virtfs, can I delete this folder safely?
    Should I verify anything else to be completely sure it is safe to delete?


    BTW:
    Code:
    root [/home/virtfs]# du -s -c -h
    3.1M	.
    3.1M	total
    But the free disk space reported is roughly the same and low than before unmount the folders.

    And if I open, i.e., /home/virtfs/*username*/etc/security I see a bunch of .conf files.


    Help please!
    (And thanks in advance!)


    UPDATE:
    After a couple hours, I rechecked the status of free disk space and I see again the old mount point at /home/virtfs/username/home/username

    What's going on? Why is it coming again?
    I run again this command:
    Code:
    for i in `cat /proc/mounts|awk '/virtfs/ {print $2}'`; do umount $i;done
    and everything went back to normal, but still the /home/virtfs/username files are there.
    I forceful rebooted the VPS. The mount point is now "/" as it should always be.
    I will keep an eye on it to see if it stay that way or the /virtfs come back to action.

    Maybe some cron job is rebuilding the mount every N seconds??
    Code:
    root [/home/virtfs]# crontab -l
    0 6 * * * /usr/local/cpanel/scripts/exim_tidydb > /dev/null 2>&1
    30 5 * * * /usr/local/cpanel/scripts/optimize_eximstats > /dev/null 2>&1
    35 * * * * /usr/bin/test -x /usr/local/cpanel/bin/tail-check && /usr/local/cpanel/bin/tail-check
    45 */4 * * * /usr/bin/test -x /usr/local/cpanel/scripts/update_mailman_cache && /usr/local/cpanel/scripts/update_mailman_cache
    30 */4 * * * /usr/bin/test -x /usr/local/cpanel/scripts/update_db_cache && /usr/local/cpanel/scripts/update_db_cache
    45 */8 * * * /usr/bin/test -x /usr/local/cpanel/bin/optimizefs && /usr/local/cpanel/bin/optimizefs
    30 */2 * * * /usr/local/cpanel/bin/mysqluserstore >/dev/null 2>&1
    15 */2 * * * /usr/local/cpanel/bin/dbindex >/dev/null 2>&1
    15 */6 * * * /usr/local/cpanel/scripts/autorepair recoverymgmt >/dev/null 2>&1
    */5 * * * * /usr/local/cpanel/bin/dcpumon >/dev/null 2>&1
    6 4 * * * /usr/local/cpanel/whostmgr/docroot/cgi/cpaddons_report.pl --notify
    12,27,42,57 * * * * /usr/local/cpanel/whostmgr/bin/dnsqueue > /dev/null 2>&1
    7 0 * * * /usr/local/cpanel/scripts/upcp --cron
    59 4 * * * mysqlcheck --optimize --all-databases; /MARCELO/mysqltuner.pl
    11 5 * * * updatedb >/dev/null 2>&1
    
    12 2 * * 0 /usr/local/cpanel/bin/cloudflare_update.sh >/dev/null 2>&1
    30 6 * * * /usr/local/cpanel/bin/backup
    0 1 * * * /usr/local/cpanel/scripts/cpbackup
    38 4 * * * /usr/local/cpanel/3rdparty/bin/freshclam --quiet --no-warnings
    2,58 * * * * /usr/local/bandmin/bandmin
    0 0 * * * /usr/local/bandmin/ipaddrmap
    
     
    #1 Kent Brockman, Jan 23, 2014
    Last edited: Jan 23, 2014
  2. ThinIce

    ThinIce Well-Known Member

    Joined:
    Apr 27, 2006
    Messages:
    346
    Likes Received:
    7
    Trophy Points:
    18
    Location:
    Disillusioned in England
    cPanel Access Level:
    Root Administrator
    I'm sure one of the cPanel chaps will be along soon, but I'm relatively sure that you can't disable it these days, things like user cron are run in the jail now.

    VirtFS (Jailed Shell)

     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You would have to grant full shell access to the account in order to prevent the account from using a jailed shell environment for things like cron jobs or Exim filters. However, to note, I believe you are not interpreting the disk space it uses correctly. A bind mount is a transparent link between two places on the file system. For example, if a user views the contents of /home/virtfs/username/usr/bin, the user actually sees the contents of /usr/bin. Thus, the /home/virtfs/$user directory itself is not actually using up any additional space than already exists. Data is not actually duplicated.

    Thank you.
     
  4. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,130
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello Michael. Ok, so, that's why before u-mounting, the disk space used by virtfs was 10 GB, and now is barely 3 MB, and although the free disk space reported in System Health »Show Current Disk Usage is the same before and after, that's because of hard links?

    Nevertheless, I NEVER give shell access to no customer, but virtfs is showing two of them, with no shell access granted. This may happened why? if they set a crontask? I have lots of users here and in the other VPS using cron tasks and not being pushed into virtfs.

    Exim processing filters? I do use filters in other servers and virtfs is empty, zero bytes long.

    Jailed shell? mod_ruid2? We don't use that, now nor never before. Since it's a small shared hosting, I don't feel like users connecting via SSH, ever.

    Piped e-mail addresses? if you mean email redirection piped to any system command, never used that.


    So, I guess I have to live with that, and those folders using 3 MB turn out to be the best scenario I can hope? What if I delete the 2 accounts and then recreate it from a fresh backup? That won't delete the user's folders inside virtfs?
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    No, the disk space you are seeing is not actually used in the virtfs directory. You are actually seeing the disk space used by the directories linked to. When you umounted the virtfs directory it removed those links, so that's why you see less space reported.

    I believe you are unnecessarily viewing the virtfs directory with a negative connotation due the incorrect assumption that it's taking up more disk space. It's not actually utilizing additional space, it just seems that way due to how the links to other directories are utilized. Check the sections related to cPanel 11.38 and 11.40 on the following document to get a better idea of why virtfs is utilized for accounts.

    VirtFS (Jailed Shell)

    It's by design that it's utilized with jailed shell or no shell. It's setup this way to increase security.

    Thank you.
     
  6. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,130
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Yes, I did readed that doc. I now understand the hardlink thing. What I dont understand and puzzles me it's why I'm not seeing such folders and "virtual" usage in my other VPS. All of them have the same OS and cPanel versions...
     
  7. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,130
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Now I see, there is a cron task set for that account and everytime it runs, the virtfs is mounted.

    The thing I dont understand, and I think it could be weird/bad/incorrect, is that the main disk mount point was permanently set to be
    Code:
    /home/virtfs/*username*/home/*username*
    In other VPS I see that is set to "/"
    Can you explain why this happens and if it is expected to be so?
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Could you elaborate on this? For instance, what do you mean by the main disk mount point?

    Thank you.
     
  9. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,130
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Maybe I named incorrectly.
    No I fixed it by unmounting and deleting the cron tasks, as they belong to an old account of mine.

    Below, where you now see Mount Point = "/", before u-mounting the virtfs folders, it used to say "/home/virtfs/*username*/home/*username*"
    https://www.dropbox.com/s/7p7rilgpww3aims/diskusage.jpg

    Why was that?
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Let us know if you experience that issue with the Disk Usage report in WHM again or are able to reproduce it. It's a separate issue to your original post on this thread. You can open a support ticket to report it and let us know the ticket number here if it happens again.

    Thank you.
     
  11. Kent Brockman

    Kent Brockman Well-Known Member

    Joined:
    Jan 20, 2008
    Messages:
    1,130
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Thank you Michael, I'll keep an eye on this.
     
  12. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16

    An Important Thread. really needs to be subscribed.
     
  13. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Are you experiencing a similar issue? This thread was opened in January so it's not likely to receive additional input from the user at this point in time.

    Thank you.
     
Loading...

Share This Page