View Single Post
Old 3rd December 2011, 11:35
stefanm stefanm is offline
Junior Member
Join Date: Oct 2009
Posts: 21
Thanks: 32
Thanked 5 Times in 4 Posts

Hi Till,

had a quick look at your sources and noticed that normal shell users are deleted with "userdel -f", while chrooted users are only deleted with "userdel" though the jailkit-Plugin. Do you have a specific reason for omitting the -f flag?
Might the bug simply arise, when a chrooted user that is deleted still has an open shell to the system? Might also explain, why the users get correctly deleted from the slave, since it is only used for failover purposes and normally has no actives shell accesses.
If I found the right parts in the source (apache2_plugin), the web-domain accounts (webXX) are deleted without the -f flag, too. I am not quite sure, but I think userdel without the -f might fail, if the account has still a process running, so together with suxec, it might be that there simply was access to the website while it was deleted ? (Would explain the behaviour described in the bug report, you pointed me to)


Last edited by stefanm; 3rd December 2011 at 12:40.
Reply With Quote