Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

virtfs missing for some users

Discussion in 'Security' started by sparek-3, Aug 17, 2016.

Tags:
  1. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,762
    Likes Received:
    116
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    Should there be a /home/virtfs/%username% mount for every user? Should this stay persistent?

    I'm only seeing some of my users have a /home/virtfs/%username% directory. I'm not seeing a rhyme or reason behind this either. Practically all of the users that exist in /home/virtfs don't have shell access enabled.

    I really figured all users had a corresponding /home/virtfs/%username% mount. But that does not appear to be the case. Is that by design?
     
  2. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,762
    Likes Received:
    116
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    With a little bit more consistency with virtfs and with php-fpm's chroot directive, you might have a CageFS like cPanel specific solution.
     
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    The following processes may recreate the jailed shell environment, even when shell access is disabled:

    This is mentioned on the VirtFS document.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,762
    Likes Received:
    116
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    Has any thought been put into making this a bit more consistent? I mean, is there any downside to having a /home/virtfs/%username% chroot environment for every user all the time?

    I just see where you could set php-fpm's chroot directive to /home/virtfs/%username% for each user's pool and have a more closed environment for PHP script execution. But this will only work if /home/virtfs/%username% exists for each user.

    This is just something I stumbled across and I thought it might make sense.
     
  5. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    I'm not aware of any downsides, however it's not something that's currently under consideration. I encourage you to open a feature request, including the potential benefits, via:

    Submit A Feature Request

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice