Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 24th April 2009, 14:42
oncletom oncletom is offline
Junior Member
 
Join Date: Apr 2009
Posts: 20
Thanks: 3
Thanked 1 Time in 1 Post
Default

I reinstalled the whole box, created 2 accounts (with login suffix now, like [CLIENTNAME]test1 & test2) but I encounter the same issue: `cd /` brings me to the very root of the server.

However I noticed whem I just connected, I'm in `/var/www/clients/client1/web1/./home/[CLIENTNAME]test1`. When I do `cd`, I'm then in `/var/www/clients/client1/web1/home/[CLIENTNAME]test1`.

Does it help?
Reply With Quote
Sponsored Links
  #12  
Old 24th April 2009, 14:48
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,381
Thanks: 833
Thanked 5,482 Times in 4,316 Posts
Default

If you have a . in the path then you selected the wrong chrooting method and this explains all your problems. You have to select jailkit and not ssh chroot if your ssh daemon has not been patched for chrooting.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #13  
Old 24th April 2009, 15:01
oncletom oncletom is offline
Junior Member
 
Join Date: Apr 2009
Posts: 20
Thanks: 3
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by till View Post
If you have a . in the path then you selected the wrong chrooting method and this explains all your problems. You have to select jailkit and not ssh chroot if your ssh daemon has not been patched for chrooting.
I have only 2 choice for Chroot Shell: None or Jailkit.
I patched nothing else (I followed the install guide step by step except for the webmail and FTP server I don't want) so I'm wondering where its comes from.

I'm on a Debian Lenny (5.0.1).
Reply With Quote
  #14  
Old 26th April 2009, 11:17
oncletom oncletom is offline
Junior Member
 
Join Date: Apr 2009
Posts: 20
Thanks: 3
Thanked 1 Time in 1 Post
Default

I investigated a little more but I find nothing.

I've only installed jailkit with the configure/make/make install and nothing more. It was the version 2.7.

I checked files within /etc/jailkit and the only one with a different modified date was jk_socketd.ini:

Quote:
# example
#[/home/testchroot/dev/log]
#base = 1024
#peak = 10240
#interval = 2.0

[/var/www/clients/client1/web1/dev/log]
base=512
peak=2048
interval=10
In the Monitor tab of ISPConfig, I don't have anything related to Jailkit, only Fail2ban:
Quote:
2009-04-26 06:25:03,808 fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.3
2009-04-26 06:25:03,808 fail2ban.jail : INFO Creating new jail 'ssh'
2009-04-26 06:25:03,808 fail2ban.jail : INFO Jail 'ssh' uses poller
2009-04-26 06:25:03,809 fail2ban.filter : INFO Added logfile = /var/log/auth.log
2009-04-26 06:25:03,809 fail2ban.filter : INFO Set maxRetry = 6
2009-04-26 06:25:03,810 fail2ban.filter : INFO Set findtime = 600
2009-04-26 06:25:03,810 fail2ban.actions: INFO Set banTime = 600
2009-04-26 06:25:03,863 fail2ban.jail : INFO Jail 'ssh' started
2009-04-26 06:25:05,468 fail2ban.filter : INFO Log rotation detected for /var/log/auth.log
2009-04-26 06:25:29,468 fail2ban.filter : INFO Log rotation detected for /var/log/auth.log
Reply With Quote
  #15  
Old 26th April 2009, 11:25
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,381
Thanks: 833
Thanked 5,482 Times in 4,316 Posts
Default

Looks fine so far.

If I remember correctly I did my last tests with Jailkit 2.6, maybe something changed there. I will try to setup a new system in the next days to see if everything is still working. Added this to the bugtracker:

http://bugtracker.ispconfig.org/inde...ls&task_id=716
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #16  
Old 5th May 2009, 14:18
Ovidiu Ovidiu is offline
Senior Member
 
Join Date: Sep 2005
Posts: 1,265
Thanks: 80
Thanked 24 Times in 20 Posts
Default

Quote:
Originally Posted by till View Post
Jailkit works for me fine on lenny, there are no known bugs. SSH-Chroot will only work if you patch your SSH daemon like it was nescessary for ispconfig 2.
Just wondering if this is still valid, as far as I know the latest openssh contains the patch so it is not needed anymore.

Besides, I followed the how to for the perfect debian lenny webserver for ispcfg3 completely and I am not offered the chroot option only the jailkit one.

besides, what is the difference in a few sentences between those two?
Reply With Quote
  #17  
Old 5th May 2009, 14:31
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,381
Thanks: 833
Thanked 5,482 Times in 4,316 Posts
Default

This is still valid. The patch in openssh is not compatible with the way the chroot was configured with the patch thatw as available before.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #18  
Old 7th May 2009, 09:27
oncletom oncletom is offline
Junior Member
 
Join Date: Apr 2009
Posts: 20
Thanks: 3
Thanked 1 Time in 1 Post
Default

In fact I just saw these logs (/var/log/auth.log) after creating a user:
Quote:
May 3 18:32:01 *serverName* useradd[17093]: new user: name=someuser, UID=5011, GID=5006, home=/var/www/clients/client4/web18, shell=/bin/bash
May 3 18:32:01 *serverName* CRON[17054]: pam_unix(cron:session): session closed for user root
May 3 18:32:01 *serverName* usermod[17099]: lock user `someuser' password
May 3 18:32:05 *serverName* usermod[18272]: unlock user `someuser' password
May 3 18:32:05 *serverName* usermod[18279]: change user `someuser' home from `/var/www/clients/client4/web18' to `/var/www/clients/client4/web18/./home/someuser'
May 3 18:32:05 *serverName* usermod[18284]: change user `web18' home from `/var/www/clients/client4/web18' to `/var/www/clients/client4/web18/./home/web18'
Finally, when the user log-in, the path is good as it's the setuped one. But it's not the expected one.

Hope it helps
Reply With Quote
  #19  
Old 7th May 2009, 11:06
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,381
Thanks: 833
Thanked 5,482 Times in 4,316 Posts
Default

If you use Jailkit newer then 2.5 then please install this update:

http://www.howtoforge.com/forums/showthread.php?t=34555
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #20  
Old 8th May 2009, 15:02
oncletom oncletom is offline
Junior Member
 
Join Date: Apr 2009
Posts: 20
Thanks: 3
Thanked 1 Time in 1 Post
 
Default

I applied the update, reconfigured the services, switched a Shell User account from Jailkit to None then None to Jailkit and now I'm dropped in the good directory (the one of the Dir option in the Options tab of ISPConfig.

If I do "cd /", I can still access the root of the server. Is it normal?
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig 2.3.3-dev released till General 10 12th March 2008 21:08
Chroot ssh login problem gral Server Operation 3 2nd November 2007 18:25
SSH Remote Login Not Working Anymore! kisong Server Operation 10 3rd January 2006 17:26
ISP-Ubuntu breezy ispconfig dns email e-mail working finally yellowjelly HOWTO-Related Questions 0 19th November 2005 20:30
Working with ISPConfig with IP MyLinux General 5 5th September 2005 10:24


All times are GMT +2. The time now is 01:51.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.