Access to chroot programs

Discussion in 'Installation/Configuration' started by Rescue9, Jul 17, 2009.

  1. Rescue9

    Rescue9 ISPConfig Developer ISPConfig Developer

    In the Jailkit tab of the Server Config panel of ISPC3, there is a box to place additional jailkit chroot apps. I need to add access to sftp, unzip, and bzip2 to my chroot users. I've added the program names to the Jailkit chroot app sections and even placed the path to the bin in the Jailkit chrooted applications. I've even completely rebooted the machine, but my chroot users do not have access to these programs.

    How can I add access to these programs to chroot users?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    These settings are only applied to new or updated users.
     
  3. Rescue9

    Rescue9 ISPConfig Developer ISPConfig Developer

    Well....... that wasn't what I wanted to hear. :-(

    Here's a couple more questions for you.
    1) You mentioned "updated users". What would I need to do to update my user so that these changes take effect?

    2) Jailkit app sections includes sftp by default. However, I don't have access to run the program as my client. Shouldn't all clients have access to this command?

    3) Can you explain the difference between the " Jailkit chroot app sections" and the "Jailkit chrooted applications" boxes. I want to make sure I have all the programs I need in there prior to any update so my clients will get the necessary programs.



    Thanks!
     
    Last edited: Jul 18, 2009
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    1) Change a setting of the user.
    2 + 3) Please take a look at the jailkit manual for a detailed description waht app sections are and how jailkit works: http://olivier.sessink.nl/jailkit/
     
  5. Rescue9

    Rescue9 ISPConfig Developer ISPConfig Developer

    Okay, I'm figuring it out a bit, but I need to get some answers before I can start troubleshooting and figure out if it's user error on my end or a bug.

    1) Does the /et /jailkit/jk_init.ini get used by ISPC3? If so, how? Is it called when a shell user's info is altered, or when the client's info is altered?

    2) If /etc/jailkit/jk_init.ini is not used, how is jk_init run and which ISPC3 file runs it?

    3) I searched everywhere but can't seem to find where ISPC3 puts the logs for jailkit.

    4) Might be a bit Off Topic, but I keep seeing "usermod: no changes" in the ISPC3 cron log when I make changes to the user. If the log states that there are no changes, could this be why the jk_init isn't being called when changes are made?

    Thanks guys.... tracking this problem down is a bit more difficult than the mail folder issue.
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Take a look at the jailkit plugin for the details how jailkit is used:

    /usr/local/ispconfig/server/plugins-avaulable/shelluser_jailkit_plugin.inc.php
     

Share This Page