virtfs missing for some users

sparek-3

Well-Known Member
Aug 10, 2002
1,929
178
343
cPanel Access Level
Root Administrator
Should there be a /home/virtfs/%username% mount for every user? Should this stay persistent?

I'm only seeing some of my users have a /home/virtfs/%username% directory. I'm not seeing a rhyme or reason behind this either. Practically all of the users that exist in /home/virtfs don't have shell access enabled.

I really figured all users had a corresponding /home/virtfs/%username% mount. But that does not appear to be the case. Is that by design?
 

sparek-3

Well-Known Member
Aug 10, 2002
1,929
178
343
cPanel Access Level
Root Administrator
With a little bit more consistency with virtfs and with php-fpm's chroot directive, you might have a CageFS like cPanel specific solution.
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello,

The following processes may recreate the jailed shell environment, even when shell access is disabled:

  • Exim processing filters.
  • Piped email addresses.
  • Cron jobs.
  • Jailed Apache virtual hosts that use the mod_ruid2 module via the EXPERIMENTAL: Jail Apache Virtual Hosts using mod_ruid2 and cPanel® jailshell option in WHM's Tweak Settings interface (Home >> Server Configuration >> Tweak Settings).
This is mentioned on the VirtFS document.

Thank you.
 

sparek-3

Well-Known Member
Aug 10, 2002
1,929
178
343
cPanel Access Level
Root Administrator
Has any thought been put into making this a bit more consistent? I mean, is there any downside to having a /home/virtfs/%username% chroot environment for every user all the time?

I just see where you could set php-fpm's chroot directive to /home/virtfs/%username% for each user's pool and have a more closed environment for PHP script execution. But this will only work if /home/virtfs/%username% exists for each user.

This is just something I stumbled across and I thought it might make sense.