The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Jailshell, virtfs, & quota's...oh my

Discussion in 'General Discussion' started by Ben, Jun 28, 2004.

  1. Ben

    Ben Well-Known Member

    Joined:
    Aug 19, 2002
    Messages:
    77
    Likes Received:
    0
    Trophy Points:
    6
    Hello All,

    Just thought I'd share my recent cPanel support exchange.

    It all started when a user reported that they were over their quota, by what they thought was surely an error.

    Upon further investigation, the "Disk Space Used" reported in the user's cPanel was almost exactly double what was actually being used in the user's home directory.

    So, I ran a search to find all the files owned by that user

    find / -user USERNAME

    This reported files in

    /home/USERNAME

    and

    /home/virtfs/USERNAME/home/USERNAME

    I then contacted FastServer's about this issue.

    Their first bit of advice was to chown everything in

    /home/virtfs/USERNAME/home/USERNAME

    to

    root.root

    as is stated in a couple threads around here.

    Do not do this, if you chown something in

    /home/virtfs/USERNAME/home/USERNAME

    The changes are reflected in

    /home/USERNAME

    and will render your client's website quite useless.

    I contacted FS again, they then suggested that I run fixquota's daily, and if I wanted submit a ticket to cPanel.

    As fixquota already run's nightly on my server, I went ahead with the ticket.

    I spoke with Dan, who informed me that indeed, for the jailshell to work, /home/virtfs/USERNAME/home/USERNAME must be counted with the user's quota.

    For those that just missed that part, jailshell is intended to work this way. This seemed rather ridiculous to me, so I did ask for clarification. I was not mistaken. Here's what it boils down to

    If you want to use jailshell on Linux, double the user's quota

    I submitted a feature request to have this corrected, and was told it was an OS issue, that did not exist on FreeBSD.
     
  2. Angel78

    Angel78 Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    413
    Likes Received:
    1
    Trophy Points:
    16
  3. Ben

    Ben Well-Known Member

    Joined:
    Aug 19, 2002
    Messages:
    77
    Likes Received:
    0
    Trophy Points:
    6
    The finer points of it weren't really explained to me. I guess I should rephrase and say

    If you use jailshell on Linux, and a user has quota trouble, due to duplicate files in

    /home/USERNAME

    and

    /home/virtfs/USERNAME/home/USERNAME

    then double the user's quota.
     
  4. torwill

    torwill Well-Known Member

    Joined:
    Jun 25, 2002
    Messages:
    141
    Likes Received:
    0
    Trophy Points:
    16
    i have the same issue with user's disk usage doubled after enabling jailshell. well...:(
     
  5. Angel78

    Angel78 Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    413
    Likes Received:
    1
    Trophy Points:
    16
    Can you explain then why i have 1,5 GB instead of ~800 MB files for that account, and when i serach for that user's files they are under :


    home/USER

    and

    /home/virtfs......./USER

    and user cant upload anything since he is using 1500 out of 1000 MB (and only 800 MB of files is in his account), and when doping backup it backups 800 from /home and 800 from virtfs.

    If it's so, that it's just a cpanel bug showing me 1500 MB of usage, and a bug in the cpbackup that it copies the same data twice then why :



    The only thing that is wierd is that files get copied for just one account all other accounts that have jailedshell have their

    /home/virtfs......./USER

    empty, not even hardlinks are inside, just emtpy dir's.
     
    #5 Angel78, Jun 29, 2004
    Last edited: Jun 29, 2004
  6. casey

    casey Well-Known Member

    Joined:
    Jan 17, 2003
    Messages:
    2,303
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    If there is trouble, it will find me
    None of my jailshell users on any of my servers are experiencing that...
     
  7. Ben

    Ben Well-Known Member

    Joined:
    Aug 19, 2002
    Messages:
    77
    Likes Received:
    0
    Trophy Points:
    6
    That's understood, but they do get counted twice and as such the user's quota doubles, so they may as well be duplicates.
     
  8. Ben

    Ben Well-Known Member

    Joined:
    Aug 19, 2002
    Messages:
    77
    Likes Received:
    0
    Trophy Points:
    6
    Great, so what did you do that the rest of us didn't?
     
  9. erobs

    erobs Well-Known Member

    Joined:
    Nov 24, 2002
    Messages:
    48
    Likes Received:
    0
    Trophy Points:
    6
    I also have the same problem. 8 clients on a server using jail shell. One has 1.5GB of information that is counted against there quota in /home/virtfs.
     
  10. jsteel

    jsteel Well-Known Member

    Joined:
    Jul 4, 2002
    Messages:
    646
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Atlanta, GA
    The double quotas are not directly related to /home/virtfs, but they are indirectly a by-product.

    This situation is quite easy to avoid. For those of you experiencing the problem, you have at some point run a quotacheck or killed a hung vi process, whether it be manually or scheduled through cron. This in combination with a user being currently logged into the shell (and using jailshell) has caused that user to eventually have their quota erroneously reported.

    When a user is logged into the jailshell, the system will remount filesystems to "jail" the user's access. These temporary mounts typically get "unmounted" when a user logs out of their SSH session. If a quotacheck is run while the user is logged in, the system sees what appears to be two filesystems mounted for the user, thus doubling the quota.

    Outside of this scenario, the only other cause we have seen is where the jailed filesystem never get "unmounted" and the only repeatable reason we have found thus far (there could be others) is when a user is logged in to jailshell editing a file with vi, and then has their their connection time out while the file is open. If you've ever seen a runaway vi process on your server that you had to kill, this was most likely the cause, and when you killed that process, it caused the jailed filesystem to remain mounted. When the next quotacheck was run it doubled that user's quota since there was an extra filesystem mounted for the user (essentially the same resultant scenario as above).

    The solution to getting rid of the erroneously mounted filesystems is to simply "umount" them. You can view the additional mounts though your /proc/mounts file (they're the ones with 'virtfs' in them; just be sure not to unmount any currently in use (use the 'w' command to see who is currently logged into their jailshell). At this point there really is no way to completely prevent the situation from occuring as it is simply a by-product of "jailing" a user (cPanel really isn't to blame).

    One way to help avoid the scenario when you run a quotacheck is to first stop sshd (you may want to stop chkservd as well to prevent it from restarting sshd, or at least stop chkservd, move the ssh chkservd file somwhere else temporarily, and then restart chkservd), purge the remnant mounts, run the quotacheck, and then restart sshd (and re-enable the ssh chkservd check). This should prevent the quotacheck from ever causing a doubling of the quota.

    So to sum it up, stop blaming cPanel and hire yourself a competent sysadmin that could have detected this as the issue and implemented a solution to immensely reduce it's likelihood. A competent sysadmin would know that a jailed shell remounts the file system and that this could potentially be the cause of a quota doubling issue. A quick check of the /proc/mounts file would have easily confirmed the suspicion and led them to easily address the situation.

    Using WHM/cPanel is not an alternative to having a good sysadmin; the use of WHM/CP merely helps to reduce the overall workload of a sysadmin. WHM/cPanel is not some kind of server/system holy grail; you still need to know a great deal about administering a server to run a hosting business. Those of you expecting some kind of exclusive "point-and-click" utopia to running a hosting business might as well close up shop now and save both you and your customers the aggrevation. Software is only as good as its authors, and last time I checked, no one is perfect; and when you throw in the integration of many dissperate applications (like WHM/cPanel does to help reduce your workload), that's an even bigger ball of wax that people make a living writing books about (not to mention educational courses have been built around that kind of topic).

    Ignorance is bliss.
     
    #10 jsteel, Jul 13, 2004
    Last edited: Jul 13, 2004
  11. Ben

    Ben Well-Known Member

    Joined:
    Aug 19, 2002
    Messages:
    77
    Likes Received:
    0
    Trophy Points:
    6
    First of all, thank you so much for an actual answer. It is much appreciated.

    cPanel tech support and my server host could take a couple lessons from you.

    On your last point, I do have a couple comments however.

    I never blamed anyone for anything. I relayed a support situation I had run into, in hopes of getting an actual answer (which you were kind enough to provide). It is believed by most that cPanel has a competent sysadmin or two around, to help out when someone runs into a problem. As you've clearly demonstrated, perhaps this is not the case.

    I believe most people that run into this problem are quite competent.

    How else are we supposed to learn what to do in a situation like this, besides ask other's more knowledgeable?
     
    #11 Ben, Jul 13, 2004
    Last edited: Jul 13, 2004
  12. jsteel

    jsteel Well-Known Member

    Joined:
    Jul 4, 2002
    Messages:
    646
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Atlanta, GA
    The point being is that they are supplying you with nothing more than a software application for your money that assists you in the management of the server; it is not a magic wand. cPanel should not be expected to provided online SysAdmin 101 courses as well for things that would really be considered general system adminstrator knowledge (whether it be beginner, intermediate or expert levels). If you don't have the knowledge, either hire someone that does, pick up a few books and read them throroughly, or take a course from an actual education/training institution; cPanel is a software vendor, not a training organization.

    Trying to use cPanel to run a server without sufficient sysadmin knowledge is muuch like trying to drive a car without any knowledge (or a license). It's not just dangerous, but it will also get you in a heap of trouble when you don't understand what should be going on.

    We're not pointing fingers at you, but there are a lot of people trying to run hosting businesses using some kind of GUI tool with no actual understanding of running a server, and they tend to give the web hosting industry a bad name as a whole. If we only had a dollar everytime a new customer came to us drilling us witht he third degree upfront because "their previous host didn't have a clue; if they couldn't fix the problem by clicking a link in some GUI, they just blamed it on the customer themselves".
     
  13. Ben

    Ben Well-Known Member

    Joined:
    Aug 19, 2002
    Messages:
    77
    Likes Received:
    0
    Trophy Points:
    6
    Well, it's not just cPanel that I asked for help, but let's start with them.

    Their's no license or requirement for anyone to get cPanel and use it. If all they are providing is software, why do they have a helpdesk? Why when I submit a bug report of this nature do they bother to even asnwer it? If all they were providing is software, wouldn't they just say that? Instead they did attempt to answer my question, sounds like they are offering a little more to me.

    I also asked FastServer's about this issue. They DO provide support for the server. So I'll thank you to stop telling me to hire someone `competent`, I already tried too.

    I'm sorry you feel you've been given a bad name by your lesser's, perhaps if you freed up a bit more information or didn't tell people to read a book everytime they come across an arcane problem that you happen to know the solution to that wouldn't happen, just a suggestion.
     
  14. casey

    casey Well-Known Member

    Joined:
    Jan 17, 2003
    Messages:
    2,303
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    If there is trouble, it will find me
    Apparently it's what I didn't do....;)
    My comment was simply made because you were stating unequivocally that the space should be doubled for jailshell users, and that was not my experience.
     
  15. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider

    Not to rain on on anyones parade, but everyone needs to remember that people like jsteel, thaphantom, me, casey, you, etc.... are all in this for business. Businesses do not generally tell their competition how to be as good or better then them. ;)

    Any help that is given should be happily accepted and understood that no-one "has" to help but chooses to give of there time and some knowledge. It should also not be expected for anyone to just give the answers nor should one get PO'd if the answer is not given. I myself have spent more 12 years in I.T. world and guess what? Half my time or more is with a tech book. I also help people out, but I will not give of all my knowledge as that is my edge.

    Telling someone to go read a book is actually a good thing. It helps people to be self-sufficient and to learn to not rely on others for the answers all of the time.
     
  16. Ben

    Ben Well-Known Member

    Joined:
    Aug 19, 2002
    Messages:
    77
    Likes Received:
    0
    Trophy Points:
    6
    First of all, bearer and meant. That being said I never asked either of them to be my systems administrator. I did ask them to look at issue I was having and help a bit with some support. If neither of them are meant for that, explain why I can submit a support request.
     
  17. Ben

    Ben Well-Known Member

    Joined:
    Aug 19, 2002
    Messages:
    77
    Likes Received:
    0
    Trophy Points:
    6
    Ah, very good then. I'll rephrase and say that if you are experiencing this trouble perhaps you should consider doubling the user's quota.
     
  18. Ben

    Ben Well-Known Member

    Joined:
    Aug 19, 2002
    Messages:
    77
    Likes Received:
    0
    Trophy Points:
    6
    I understand and agree with all of your points. I never asked anyone here for help, I only relayed a support experience I had.
     
  19. Ben

    Ben Well-Known Member

    Joined:
    Aug 19, 2002
    Messages:
    77
    Likes Received:
    0
    Trophy Points:
    6
    On that same note, I've seen this happen a couple more times, and in my experience (as limited as that may be according to some) the /proc/mounts file does NOT list those people having trouble. So competent sysadmin or not, in my experience again, umounting the virtfs wouldn't have helped anything.
     
  20. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    This shouldn't be a problem after updating to the latest edge. initquotas will log out jailed users (and give them a 60 second warning) before it does the quotacheck.
     
Loading...

Share This Page