The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

JailShell, gcc and header files

Discussion in 'General Discussion' started by SupermanInNY, Mar 30, 2004.

  1. SupermanInNY

    SupermanInNY Well-Known Member

    Joined:
    Jul 19, 2003
    Messages:
    255
    Likes Received:
    0
    Trophy Points:
    16
    Hi All,

    I need to provide gcc compiler to a JailShell user.
    Not a problem.
    When the user is in his Jailshelled shell, he types gcc and the gcc compiler is happy to run.
    Great!

    But,.. unfortunatly, the header files are in /usr/include/
    and /usr/include is not showing up on the JailShelled shell account.

    cPanel is not supporting this path as of right now, but that is unclear to me as to the reason.
    /usr/include/ has only Header files.
    If a user really wants to compile, he can just load these files manually through FTP and user them locally.
    I find this to an annoyance and really doesn't serve the users.
    Why prevent them from the header files?
    They can compile anyways..
    The header files are not some "secret code" that the users don't need to see.
    I'm not a linux guru, so if you have a different opinion as to why not to add that path to the JailShell environment, I'd like to hear it.
    There is a different thread that I found about not giving compile access at all.
    In my case, I do want to provide compile access to my users as I encourage them to develop.

    Just my $0.02.

    -Alon.
     
  2. jsteel

    jsteel Well-Known Member

    Joined:
    Jul 4, 2002
    Messages:
    646
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Atlanta, GA
    I opened a support ticket on this last year. I think they ended up closing it without resolution.
     
  3. casey

    casey Well-Known Member

    Joined:
    Jan 17, 2003
    Messages:
    2,303
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    If there is trouble, it will find me
    Well, I wouldn't let any of your users use the compilers, jailshell or not. Why don't you do the compiling for them?
     
  4. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,381
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    I don't know if this is a viable solution or not, but I have found that if you copy /usr/include to /home/virtfs/<user>/usr then the user has access to the header files. Anyone else tried this solution? Had any problems with it?
     
  5. SupermanInNY

    SupermanInNY Well-Known Member

    Joined:
    Jul 19, 2003
    Messages:
    255
    Likes Received:
    0
    Trophy Points:
    16
    OK.. I got a solution for that:

    Yes... sparek-3, you were correct.
    I've got more stuff added :):


    AddHeadersToJailShell

    # There are 3 steps to add the /usr/include to the JailShell Path:

    # 1. Create a directory called /usr/include in /home/virtfs/username.
    # 2. Edit /etc/fstab and enter the line entry there. (this will kick
    # in after you reboot the machine).

    # /usr/include /home/virtfs/username/usr/include ext3 bind,ro 0 0

    # 3. Run the mount script as listed below. (this will kick in now and
    # remain in memory until you boot).


    # mount -o bind /usr/include /home/virtfs/username/usr/include



    casey, I don't see a reason why not to let my users run a compile on the machine. I got the Fork Shell Bomb enabled for normal run, if they have an explicit request to run it on heavy duty at some point, I can remove the Fork Shell protection for a limited time.
    They are JailShelled! Where will the go?
    I charge a premium to gain access to Shell, so users who have the need for shell... will not shoot themselves in the foot and try to do nasty things, and what things???
    They are behind CheckPoint Firewall, blocked to practically any port that is not essential, not even IRC.
    So chances are that if they run a compile, it is for a build they in need of.
    If a user wants to be nasty,. they can compile on their own machine and bring the code over regardless of the gcc on the linux box.
    I encourage students and developers to run stuff that can enhance their surfing, webhosting experience.

    Just my $0.06 (I'm a big spender).

    -Alon.
     
    #5 SupermanInNY, Apr 1, 2004
    Last edited: Apr 1, 2004
  6. Lestat

    Lestat Well-Known Member

    Joined:
    Sep 13, 2003
    Messages:
    199
    Likes Received:
    0
    Trophy Points:
    16
    Can you shed some light on how to get the checkpoint to see my internal web server with a local lan IP I made it a dmz but in cpanel still not work from out side. I point the ip to that machine that is internal. Have any good guides to get my check point to all ow this box through? I was under the asumption the server had to have the outside address in order to work. say right now internal box is 192.168.80.3 and outside is 66.xx.xx.xx address and the checkpoint forwards that outside address to the inside address correct? Please some one help!! :)
     
Loading...

Share This Page