View Single Post
Old 13th July 2011, 00:02
user99 user99 is offline
Junior Member
Join Date: Jul 2008
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default Name resolution not working for jailkit chrooted users

I followed the "Perfect Server" installation for Ubuntu 11.04 and ISPConfig 3.
When using shell as generic linux user or sudo, name resolution works perfectly.

Inside a chrooted environment, name resolution fails.

Here's what I did:

I created a client, and a site. (No reseller is used in my case).
I gave the client a chrooted shell.
The client user can login to the shell, but cannot get name resolution from the shell using any of the available tools:

ping: unknown host

ping with ip address works fine, of course.

More details:
chrooted /etc/resolv.conf contains:
search (my local domain here)

The chrooted user can read from resolv.conf
It is identical to the root version.

/bin/ping does have required suid:
ls -la /bin/ping
-rwsr-xr-x 1 0 0 35680 Nov 15 2010 /bin/ping

As far as the settings in ISPConfig's panel for jailkit, these are still set to default values:

Jailkit chroot app sections:
basicshell editors extendedshell netutils ssh sftp scp groups jk_lsh

Jailkit chrooted applications:
/usr/bin/groups /usr/bin/id /usr/bin/dircolors /usr/bin/lesspipe /usr/bin/basename /usr/bin/dirname /usr/bin/nano /usr/bin/pico

I copied dig and nslookup into the chrooted environment, and both work.

Other info:
This server functions as Web and Mail server only. All other services (including DNS server) are disabled. Mail seems to be working perfectly. I haven't tested the web server yet.

Has anyone else run into this issue?
Any ideas on what might be causing the problem?


Last edited by user99; 13th July 2011 at 00:04. Reason: correct error.
Reply With Quote
Sponsored Links