Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 6th March 2009, 21:30
edge edge is offline
Moderator
 
Join Date: Dec 2005
Location: The Netherlands
Posts: 2,033
Thanks: 261
Thanked 147 Times in 128 Posts
Default ISPconfig Jaikit / SSH Chroot not working (Lenny)

Not sure where I did go wrong, but I did install Jaikit (according to The Perfect Server - Debian Lenny (Debian 5.0) [ISPConfig 3] - Page 4 - step 15 - Install Jailkit) before I installed ISPconfig 3

Whatever option I try for a Shell-User (none / Jailkit / SSH CHroot), they can cd into other directorys, and read the data.

Is it me who made a mistake, or does it not work on Lenny?
__________________
Never execute code written on a Friday or a Monday.
Reply With Quote
Sponsored Links
  #2  
Old 6th March 2009, 23:27
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,414
Thanks: 812
Thanked 5,204 Times in 4,080 Posts
Default

Jailkit works for me fine on lenny, there are no known bugs. SSH-Chroot will only work if you patch your SSH daemon like it was nescessary for ispconfig 2.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 7th March 2009, 09:18
edge edge is offline
Moderator
 
Join Date: Dec 2005
Location: The Netherlands
Posts: 2,033
Thanks: 261
Thanked 147 Times in 128 Posts
Default

Hi Falko,

I'm 100% sure that I did install it according to the howto.

Also the directory /etc/jailkit and the needed files do exist, and jk_sockeetd.ini does point to the "jailed" user directory
Quote:
[/var/clients/client1/web1/dev/log]
base=512
peak=2048
interval=10
When I login with the created shell-user I get this back as prompt.
Quote:
$USER@www.somedomain.nl:~$
Is the $USER correct, or should it say the user name?

Also.. Is there an other way of checking that Jailkit is installed correct?
__________________
Never execute code written on a Friday or a Monday.

Last edited by edge; 7th March 2009 at 09:23.
Reply With Quote
  #4  
Old 7th March 2009, 09:34
edge edge is offline
Moderator
 
Join Date: Dec 2005
Location: The Netherlands
Posts: 2,033
Thanks: 261
Thanked 147 Times in 128 Posts
Default

I've created a new domain / user, and now jailkit is working fine!
The 1st domain / user that I tested it with was the main host name of the server. I guess that this was kind of mixing things up.

All is working fine for the new user.

However! I do still see the deleted test user accounts in "/var/clients/client1/web1/home"
__________________
Never execute code written on a Friday or a Monday.

Last edited by edge; 7th March 2009 at 10:04.
Reply With Quote
  #5  
Old 7th March 2009, 15:30
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,721 Times in 2,562 Posts
Default

I see you've posted this in the bugtracker, so we will check it.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #6  
Old 23rd April 2009, 10:06
oncletom oncletom is offline
Junior Member
 
Join Date: Apr 2009
Posts: 20
Thanks: 3
Thanked 1 Time in 1 Post
Default

Hi, I think I have a similar problem.

I created a client, then a website and at least, at shell account with a Jailkit chroot.
Its dir is `/var/www/clients/client1/web1`. When I login, I'm located in `/var/www/clients/client1/web1/home/[clientname]`. I can browse the whole filesystem (according to the user permissions at least).

A last thing, I let the username empty because a shell login with [clientname] was fine. Could it be related? No chroot created because of no username given?

PS: I've installed Jailkit before ISPConfig ;-)
Reply With Quote
  #7  
Old 23rd April 2009, 10:24
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,414
Thanks: 812
Thanked 5,204 Times in 4,080 Posts
Default

Are you really sure that you can broser the complete filesystem? Please login with that user and then execute:

cd /

and post the output of:

ls -la
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #8  
Old 23rd April 2009, 10:46
oncletom oncletom is offline
Junior Member
 
Join Date: Apr 2009
Posts: 20
Thanks: 3
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by till View Post
Are you really sure that you can broser the complete filesystem? Please login with that user and then execute:

cd /

and post the output of:

ls -la
Hello

Thanks for your prompt reply. Here is the output:
Quote:
web1@ns206144:~$ cd /
web1@ns206144:/$ ls -la
total 84
drwxr-xr-x 21 root root 4096 avr 19 19:25 .
drwxr-xr-x 21 root root 4096 avr 19 19:25 ..
drwxr-xr-x 2 root root 4096 fév 12 14:46 bin
drwxr-xr-x 2 root root 4096 avr 19 19:23 boot
drwxr-xr-x 12 root root 14080 avr 23 06:25 dev
drwxr-xr-x 95 root root 4096 avr 23 10:38 etc
drwxr-xr-x 3 root root 4096 fév 9 12:53 home
drwxr-xr-x 11 root root 4096 avr 23 10:35 lib
lrwxrwxrwx 1 root root 4 avr 19 19:23 lib64 -> /lib
drwx------ 2 root root 16384 avr 19 19:15 lost+found
drwxr-xr-x 3 root root 4096 fév 9 11:23 media
drwxr-xr-x 2 root root 4096 déc 4 10:21 mnt
drwxr-xr-x 2 root root 4096 fév 9 11:23 opt
dr-xr-xr-x 170 root root 0 avr 19 22:27 proc
drwxr-xr-x 5 root root 4096 avr 21 19:20 root
drwxr-xr-x 2 root root 4096 avr 21 19:57 sbin
drwxr-xr-x 2 root root 4096 sep 16 2008 selinux
drwxr-xr-x 2 root root 4096 fév 9 11:23 srv
drwxr-xr-x 12 root root 0 avr 19 22:27 sys
drwxrwxrwt 5 root root 4096 avr 23 10:45 tmp
drwxr-xr-x 11 root root 4096 avr 19 21:45 usr
drwxr-xr-x 15 root root 4096 avr 19 22:12 var
Is it the expected result?
Reply With Quote
  #9  
Old 23rd April 2009, 10:48
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,414
Thanks: 812
Thanked 5,204 Times in 4,080 Posts
Default

Ok, the user is really not chrooted. Did you get any errors in the log files (see monitoring module) as you created the jailed user? Please try to create a different new jailed user and check if this gets jailed.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #10  
Old 24th April 2009, 10:47
oncletom oncletom is offline
Junior Member
 
Join Date: Apr 2009
Posts: 20
Thanks: 3
Thanked 1 Time in 1 Post
 
Default

Quote:
Originally Posted by till View Post
Ok, the user is really not chrooted. Did you get any errors in the log files (see monitoring module) as you created the jailed user? Please try to create a different new jailed user and check if this gets jailed.
I'll check for that. I'll keep you in touch thanks.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig 2.3.3-dev released till General 10 12th March 2008 21:08
Chroot ssh login problem gral Server Operation 3 2nd November 2007 18:25
SSH Remote Login Not Working Anymore! kisong Server Operation 10 3rd January 2006 17:26
ISP-Ubuntu breezy ispconfig dns email e-mail working finally yellowjelly HOWTO-Related Questions 0 19th November 2005 20:30
Working with ISPConfig with IP MyLinux General 5 5th September 2005 10:24


All times are GMT +2. The time now is 12:13.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.