I followed the "Perfect Server" installation for Ubuntu 11.04 and ISPConfig 3.
When using shell as generic linux user or sudo, name resolution works perfectly.
Inside a chrooted environment, name resolution fails.
Here's what I did:
I created a client, and a site. (No reseller is used in my case).
I gave the client a chrooted shell.
The client user can login to the shell, but cannot get name resolution from the shell using any of the available tools:
ping
www.google.com
ping: unknown host
www.google.com
ping with ip address works fine, of course.
More details:
chrooted /etc/resolv.conf contains:
search (my local domain here)
nameserver 8.8.8.8
nameserver 8.8.4.4
The chrooted user can read from resolv.conf
It is identical to the root version.
/bin/ping does have required suid:
ls -la /bin/ping
-rwsr-xr-x 1 0 0 35680 Nov 15 2010 /bin/ping
As far as the settings in ISPConfig's panel for jailkit, these are still set to default values:
Jailkit chroot app sections:
basicshell editors extendedshell netutils ssh sftp scp groups jk_lsh
Jailkit chrooted applications:
/usr/bin/groups /usr/bin/id /usr/bin/dircolors /usr/bin/lesspipe /usr/bin/basename /usr/bin/dirname /usr/bin/nano /usr/bin/pico
I copied dig and nslookup into the chrooted environment, and both work.
Other info:
This server functions as Web and Mail server only. All other services (including DNS server) are disabled. Mail seems to be working perfectly. I haven't tested the web server yet.
Has anyone else run into this issue?
Any ideas on what might be causing the problem?
thx
English | 
Deutsch
Name resolution not working for jailkit chrooted users
Linear Mode
Recent comments
22 hours 56 min ago
1 day 5 hours ago
1 day 9 hours ago
1 day 11 hours ago
1 day 19 hours ago
2 days 5 hours ago
2 days 5 hours ago
2 days 9 hours ago
2 days 13 hours ago
2 days 14 hours ago