HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   Jailkit not working ISPConfig (http://www.howtoforge.com/forums/showthread.php?t=51425)

denmaddog 14th February 2011 02:55

Jailkit not working ISPConfig
 
I have setup my server based on tutorial Howto perfect server ISPConfig Ubuntu 10.10, but Jailkit isn't working. When I add shell user to some site and choose "Jailkit"( options are "None" and "Jailkit" ) option and then login via ssh as that user, the user can browse all system. Outputs are:

tail -f /var/log/auth.log

Feb 12 16:58:43 www sshd[4370]: Accepted password for bojana from 10.13.1.56 port 2128 ssh2
Feb 12 16:58:43 www sshd[4370]: pam_unix(sshd:session): session opened for user bojana by (uid=0)
Feb 12 16:58:44 www sshd[4370]: pam_unix(sshd:session): session closed for user bojana

/etc/passwd

web3:x:5006:5005::/var/www/clients/client1/web3/./home/web3:/bin/false

bojana:x:5006:5005::/var/www/clients/client1/web3/./home/bojana:/bin/bash

/etc/init.d/jailkit restart

Stopping jailkit: jk_socketd/usr/sbin/jk_socketd: no process found

done.

Starting jailkit: jk_socketdversion 2.13, no sockets specified in configfile /etc/jailkit/jk_socketd.ini or on commandline, nothing to do, exiting...

done.

It seems like Jailkit is not properly configured. I tried updating ISPConfig and reconfiguring services but problem remains.

Please can you help me solve this.


Zeljko

till 14th February 2011 11:02

The jailkit daemon is not used, so its ok that it does not start.

Regarding the login issue, the user bojana uses a wrong shell. Have you edited anything in the /etc/passwd file manually or did you change any settings of the user bojana manually on the shell?

denmaddog 14th February 2011 12:02

Till,

I haven't changed anything manualy...I will add new shell user now and post what happend in /etc/passwd


Tnx.

denmaddog 14th February 2011 12:07

After adding new testuser this is the line in /etc/passwd

testuser:x:5006:5005::/var/www/clients/client1/web3/./home/testuser:/bin/false

And I cannot login to server with putty ... putty just crashes ( disapear ).

root@www:~# tail -f /var/log/auth.log
Feb 14 11:04:20 www sshd[10294]: Accepted password for testuser from 192.168.13.202 port 3756 ssh2
Feb 14 11:04:20 www sshd[10294]: pam_unix(sshd:session): session opened for user testuser by (uid=0)
Feb 14 11:04:20 www sshd[10294]: pam_unix(sshd:session): session closed for user testuser

denmaddog 14th February 2011 12:13

If I change the shell from /bin/false to /usr/sbin/jk_chrootsh in /ets/passwd I got this in /var/log/auth.log

Feb 14 11:10:34 www sshd[10702]: Accepted password for testuser from 192.168.13.202 port 3882 ssh2
Feb 14 11:10:34 www sshd[10702]: pam_unix(sshd:session): session opened for user testuser by (uid=0)
Feb 14 11:10:34 www jk_chrootsh[10770]: now entering jail /var/www/clients/client1/web3 for user testuser (5006)
Feb 14 11:10:34 www jk_chrootsh[10770]: abort, failed to get user information in the jail for user ID 5006: Success, check /var/www/clients/client1/web3/etc/passwd
Feb 14 11:10:34 www sshd[10702]: pam_unix(sshd:session): session closed for user testuser

Any idea?

denmaddog 14th February 2011 12:18

I assume ISPConfig/Jailkit should make some shanges to /var/www/clients/client1/web3/etc/passwd and group file, but those files are empty ...

I'm getting desperate :(

folken 14th February 2011 13:32

Quote:

Originally Posted by denmaddog (Post 251112)
I assume ISPConfig/Jailkit should make some shanges to /var/www/clients/client1/web3/etc/passwd and group file, but those files are empty ...

I'm getting desperate :(

G'day,

The problem is not with ISPConfg but with the jailkit program.

10-10-2010: Jailkit 2.13 released. Jailkit 2.13 fixes a regression in the build system that could set the location of the configuration directory to the wrong path.

In short the version that the howto recommend tell you to download 2.12 which has a major bug where it expects all config files to be located in /usr to resolve this issue download the latest version and it'll work.

T

P.S. it took me 2 hours to figure this out....

denmaddog 14th February 2011 17:08

Hi Folken, tnx for reply,

but the installed version of Jailkit is 2.13 .... must be something else...

folken 14th February 2011 17:10

Quote:

Originally Posted by denmaddog (Post 251160)
Hi Folken, tnx for reply,

but the installed version of Jailkit is 2.13 .... must be something else...

Interesting.. Enable debug mode under system then check the crontab log file... that pointed me in the direction that fixed mine..

denmaddog 14th February 2011 17:12

Can you please tell me how to enable system debug mode and where to track it?

tnx!


All times are GMT +2. The time now is 16:10.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.