LXC Containers give error jailshell: /dev/null: Permission denied

alsemany

Registered
Aug 23, 2011
3
0
51
Hi,
I have a problem using Cpanel with LXC I got this error once I use ssh with users
jailshell: /dev/null: Permission denied
I tried a lot with some solution like
mknod -m 666 /dev/null c 1 3
but this will not resolve the issue, I would like to optimize my Cpanel with LXC I don't like using KVM because it will take a lot of resources from my node server than LXC.
would you please help me to pass this, how to create the device /dev/null

thank you

and also please let me know if I have to use KVM rather than LXC for better performance !!

Thank you
 
Last edited by a moderator:

cliveaustin

Registered
Apr 23, 2010
4
0
51
Hi,
I'm having exactly this issue. It first came up with CRON task (these are run in cPanel jailshell) so I changed user shell to jailshell (previously disabled shell) and confirmed this weird series of "-jailshell: /dev/null: Permission denied" error messages at login. They seem to be caused by various scripts which are set to redirect stdout (and/or stderr) to /dev/null. The problem is that the /dev folder is empty (ie there aint no such beast as /dev/null in my jailshell environment! WTF? Got me stumped. Anyone else got any idea?

I should probably point out that my cPanel environment is CENTOS 6.9 x86_64 lxc – srv60 cPanel & WHM 64.0 (build 13) and that this is running under ProxMox VE 4.4-13/7ea56165 inside an LXC (container).
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,218
463
Hello @cliveaustin,

It looks like a support ticket was opened to report this issue and setting "lxc.aa_profile = unconfined" in the container profile seems to have addressed the issue.

Thank you.
 

alsemany

Registered
Aug 23, 2011
3
0
51
I already was followed the instructions for LXC,
even I already un-comment lxc.aa_profile = unconfined
the issue with jailshell which can't access /dev for some reason
as a developer I always need shell access to speed up my productivity.
easily I tried to use the normal Shell instead of jail shell and no issues found by using normal shell

just for users selling hosting with WHM/Cpanel you will need to enable
/scripts2/modlimits for users if you enabled the shell access this for more security

so this resolve my issue in my case
change jailshell to normal shell at /scripts2/manageshells
I can't find any solutions to let Jail shell access the /dev/null

thank you for people replied me
my regards
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,218
463
the issue with jailshell which can't access /dev for some reason
Hello,

Feel free to open a support ticket using the link in my signature if you'd like us to take a closer look at the affected system.

Thank you.