The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

virtfs missing for some users

Discussion in 'Security' started by sparek-3, Aug 17, 2016.

Tags:
  1. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,384
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Should there be a /home/virtfs/%username% mount for every user? Should this stay persistent?

    I'm only seeing some of my users have a /home/virtfs/%username% directory. I'm not seeing a rhyme or reason behind this either. Practically all of the users that exist in /home/virtfs don't have shell access enabled.

    I really figured all users had a corresponding /home/virtfs/%username% mount. But that does not appear to be the case. Is that by design?
     
  2. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,384
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    With a little bit more consistency with virtfs and with php-fpm's chroot directive, you might have a CageFS like cPanel specific solution.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    The following processes may recreate the jailed shell environment, even when shell access is disabled:

    This is mentioned on the VirtFS document.

    Thank you.
     
  4. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,384
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Has any thought been put into making this a bit more consistent? I mean, is there any downside to having a /home/virtfs/%username% chroot environment for every user all the time?

    I just see where you could set php-fpm's chroot directive to /home/virtfs/%username% for each user's pool and have a more closed environment for PHP script execution. But this will only work if /home/virtfs/%username% exists for each user.

    This is just something I stumbled across and I thought it might make sense.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    I'm not aware of any downsides, however it's not something that's currently under consideration. I encourage you to open a feature request, including the potential benefits, via:

    Submit A Feature Request

    Thank you.
     
Loading...

Share This Page