Symlink & unnamed group ID problem (10.04 LTS, ISPConfig, Jailkit)

Discussion in 'General' started by Nap, Sep 6, 2013.

  1. Nap

    Nap Member

    [SOLVED]Symlink & unnamed group ID problem (10.04 LTS, ISPConfig, Jailkit)

    Hi,

    I have ISPConfig 3 running on Ubuntu 10.04 LTS rather nicely for some time now, and it still is.

    I added my first 3rd party local user to my VPS yesterday, and need to add a few more soon.
    I chose to do this through the consol rather than through ISPConfig (I wanted 'normal' usernames in this case).

    In order to manage their view of my system, I installed JailKit and it's doing its containment job fine.

    I would now like to permit this new local user to access a sub-folder of one of my websites. In order to do this, I added this local user to the group (by name) to which this domain (established using ISPConfig) belongs and set the group level permissions for that folder to 777. I then setup a symlink from their jailed home folder to the web folder. "[email protected]:~$ ln -s /var/www/site/web/2509"

    The symlink was created in the user's account (I logged in on their behalf while setting up).

    The problem I'm having is that though they can see the folder in their directory listing, they can't access it. Attempting to change directory into that folder causes bash to return:
    PHP:
    bashcd2509No such file or directory
    When I perform
    PHP:
    ls -lha
    I'm shown the folder name on the left, and on the far right I can see the correct directory where it's pointing to (which contains an index.html file). This folder is shown in red.

    So I logged into root and went to the above user's jailed home. The symlink shows in blue and works fine when I change directory to it.

    I also noticed that since I added this user to the ISPConfig generated group, the user is being shown
    PHP:
    groupscannot find name for group ID xyz
    when they log in. I'm wondering if the two issues are related? (where xyz is the group ID of the ISPConfig created client.)

    1) Does anyone have advice on how I can make the symlink work, and
    2) When I looked in /etc/group I could see the group ID xyz and its association to the correct client in the file, hence I'm wondering why I'm getting above message? (Perhaps I haven't used jk_cp to copy group definitions into the jailed folder structure?)

    Cheers,
    Nap
     
    Last edited: Sep 6, 2013
  2. Nap

    Nap Member

    wrt #2
    Yes, the /home/jail/etc/group file does not contain all the group definitions.

    Is it safe to copy the info from the /etc/group version?
     
  3. Nap

    Nap Member

    I have typed it in, and the login message is gone.

    However, problem #1 still remains.
     
  4. Nap

    Nap Member

    It appears that the problem is perhaps related to the fact the symlink is pointing to a location outside of the jail.
    Since the the 'root' of the jailed user's location is at /home/jail/ how would I reference a location outside the jail?
     
  5. Nap

    Nap Member

    problem #1 is solved.
    What I missed was that a jailed user's root folder is the jailkit install folder.
    In order to access outside the jail I needed to mount the folder in question.

    :)

    So, the only remaining question is it safe to copy the /etc/group contents into the jailed area?
     

Share This Page