The Community Forums

Interact with an entire community of cPanel & WHM users.
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WARNING - Jailshell and files

Discussion in 'General Discussion' started by dgbaker, May 15, 2003.

  1. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    We wanted to give everyone using jailshell a heads on something.

    DO NOT EVER - try to remove /home/virtfs

    You will find yourselves rebuilding your server.

    If you delete that directory it does delete the files under it, plus it deletes the real files starting from /

    Example:
    /home/virtfs/user/usr/sbin IS /usr/sbin


    Be warned!


    I knew there was a reason for test servers whew!
     
    Rooter likes this.
  2. JeremyV

    JeremyV Well-Known Member

    Joined:
    Oct 20, 2002
    Messages:
    61
    Likes Received:
    0
    Trophy Points:
    6
    Good to know, thanks :D Better you than me I suppose ;)
     
  3. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    That's why I have test boxes :D
     
  4. jsteel

    jsteel Well-Known Member

    Joined:
    Jul 4, 2002
    Messages:
    646
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Atlanta, GA
    More importantly - it appears you have free time! Got some to share?
     
  5. bonnmac

    bonnmac Well-Known Member

    Joined:
    Apr 26, 2003
    Messages:
    101
    Likes Received:
    0
    Trophy Points:
    16
    Sorry to sound dumb but....


    So this means that if we give a user jailed shel they can destroy our servers? :eek:
     
  6. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    No it does not mean that. It means that as 'root' you need to be aware of the fact that these are not just simple symlinks that can be just removed.
     
  7. jsteel

    jsteel Well-Known Member

    Joined:
    Jul 4, 2002
    Messages:
    646
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Atlanta, GA
    dg. Have you done a fresh install of E3 yet? I built out two new servers yesterday, one got the E2 build and the other got the E3. The E2 build has the /virtfs directory, but the E3 does not. Looks like something is going on with jailshell. Als noticed quotas aren't working on E3.
     
  8. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Not a fresh install of E3, but I do have boxes running E3 through upcp upgrade paths.
     
  9. jsteel

    jsteel Well-Known Member

    Joined:
    Jul 4, 2002
    Messages:
    646
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Atlanta, GA
    Interesting. The setupvirtfs is also not being installed on the E3 install, nor when I do a sysup on the system.

    Something is going on and also appeared to break quotas. Joy.

    Jaz
     
  10. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    That's really weird.

    Check in /usr/local/cpanel/bin

    I just blew off cpanel and had it redo and it put the setupvirtfs file in there.
     
    #10 dgbaker, May 16, 2003
    Last edited: May 16, 2003
  11. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    It should create the virtfs the first time you ssh in with a jailed account.
     
  12. jsteel

    jsteel Well-Known Member

    Joined:
    Jul 4, 2002
    Messages:
    646
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Atlanta, GA
    Indeed it did. Thanks. Of course cPanel support told me a completely different story.
     
  13. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Does that mean I actually know their product better then they do? Or does it mean I just test more thoroughly ?

    :D
     
  14. HogMan

    HogMan Member

    Joined:
    May 31, 2003
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    So, just to let me know here if I need my box reloaded (new to cpanel). I tried copying a site over from ensim to cpanel, but it didn't work entirely how I wanted. When I removed the site from my accounts, it left behind a /home/virtfs/hamlotc folder. To clean up, as root I did an rm -rf /home/virtfs/hamlotc.

    Here is that output:

    root@plain [/home]# rm -rf /home/virtfs/hamlotc
    rm: cannot remove directory `/home/virtfs/hamlotc/usr/sbin': Device or resource busy
    rm: cannot remove directory `/home/virtfs/hamlotc/usr': Directory not empty
    rm: cannot remove directory `/home/virtfs/hamlotc/var/log': Device or resource busy
    rm: cannot remove directory `/home/virtfs/hamlotc/var': Directory not empty
    rm: cannot remove directory `/home/virtfs/hamlotc': Directory not empty

    So, should I got ahead an put the reload order in at rackshack :confused:

    cPanel.net Support Ticket Number:
     
  15. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Well, if you go to /usr and do an ls does it work and are there any files?

    cPanel.net Support Ticket Number:
     
  16. HogMan

    HogMan Member

    Joined:
    May 31, 2003
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    There are some files. /usr/sbin looks pretty bare. Also, I rebooted my box and sshd won't start. Trying to start it via WHM and getting this:
    sshd: execvp: No such file or directory Jun 4 12:40:5

    I think it might be hosed.

    cPanel.net Support Ticket Number:
     
  17. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    yep sounds like it.

    cPanel.net Support Ticket Number:
     
  18. HogMan

    HogMan Member

    Joined:
    May 31, 2003
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Now, the debate. Reload with cpanel or Ensim ;)

    Sorry, I am used to Ensim and love the way you can have multiple chrooted accounts under the main domain.

    cPanel.net Support Ticket Number:
     
  19. carock

    carock Well-Known Member

    Joined:
    Sep 25, 2002
    Messages:
    232
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    St. Charles, MO
    How did you get a test server set up? Did you have to buy another cpanel license to use it?

    We've been whining about having a limited use license so we could test stufff on a non-production server before we unleash it on our customers.

    Thanks,
    Chuck

    cPanel.net Support Ticket Number:
     
  20. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    I have a few licenses, and I use one for my testing server.

    cPanel.net Support Ticket Number:
     
Loading...

Share This Page