Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 23rd December 2009, 19:38
hrvbid hrvbid is offline
Junior Member
Join Date: Nov 2006
Posts: 13
Thanks: 9
Thanked 14 Times in 7 Posts
Default shrooted ssh environments for ispconfig users

(ispconfig 2.2.35, ubuntu 9.10)
With openssh 4.9.x/5.x, the logic to build chrooted ssh users in just built in. Because of the new
logic, the magic separator "/./" within the users homedir assignment in passwd is no longer needed, but is
now in trouble. See http://www.howtoforge.com/forums/showthread.php?t=32459 for the basics.
To consider the history and also the new logic, a solution for ispconfig seems easy to adapt:
One strategic parameter is in /root/ispconfig/scripts/lib/config.inc.php, where
PHP Code:
$go_info["server"]["ssh_chroot"] = or 
is responsible for two actions. In case of value 1, 1st, the magic separator "/./" is used, and 2nd, the
script /root/ispconfig/scripts/shell/create_chroot_env.sh is scheduled to build the users chrooted
One solution is, to have a tri-state with $go_info["server"]["ssh_chroot"], where 0 leads to no chroot,
where 1 leads to chroot with magic "/./" and script execution, and where a new value 2 leads to omit the
magic "/./" but performs the script. The behaviour of option 0 and 1 are unchanged to support all those
with the need of the old logic, but option 2 now becomes adjusted to the new logic. The changes are most easy:
The essential file is /root/ispconfig/scripts/lib/config.lib.php, where lines
# 772-774 (insert new user)
PHP Code:
  if($go_info["server"]["ssh_chroot"] == && $user["user_shell"] && $web["web_shell"]) {
exec("/root/ispconfig/scripts/shell/create_chroot_env.sh $user_username");
have to change to
PHP Code:
  if($go_info["server"]["ssh_chroot"] > && $user["user_shell"] && $web["web_shell"]) {
exec("/root/ispconfig/scripts/shell/create_chroot_env.sh $user_username");
and lines
# 949-950 (update user)
PHP Code:
  if($go_info["server"]["ssh_chroot"] == && $user["user_shell"] && $web["web_shell"]) {
exec("/root/ispconfig/scripts/shell/create_chroot_env.sh $user_username");
also have to change to
PHP Code:
  if($go_info["server"]["ssh_chroot"] > && $user["user_shell"] && $web["web_shell"]) {
exec("/root/ispconfig/scripts/shell/create_chroot_env.sh $user_username");
Note, thats all to do - a really cheap solution. To be complete, a look to
/root/ispconfig/scripts/lib/config.inc.php, where line #106
$go_info["server"]["ssh_chroot"] = 2; // 0 = no, 1 = yes with old chroot path /./, 2 = yes without /./ (openssh 5.x logic)
is the example to use the new logic.
I would be happy, if the small changes would be confirmed with one of the next ispconfix 2.x releases.
Reply With Quote
The Following 4 Users Say Thank You to hrvbid For This Useful Post:
falko (24th December 2009), rockstar9840 (5th November 2010), till (27th December 2009), ybz (27th December 2009)
Sponsored Links


ispconfig 2, ssh chroot, ubuntu 9.10

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Problem with Clamav + samba configuration wammy28 HOWTO-Related Questions 8 31st January 2009 20:12
Cacti and ISPConfig: Monitoring Tool VMartins Tips/Tricks/Mods 11 9th August 2008 19:37
Can't enable SSH access for users TheFuzzy0ne Installation/Configuration 3 8th August 2008 17:53
Junk mail and spamassassin... sthompson Installation/Configuration 4 27th December 2006 17:11
SSH DIED - Virtual Users And Domains With Postfix, Courier And MySQL herbie HOWTO-Related Questions 2 12th December 2006 03:16

All times are GMT +2. The time now is 14:00.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.