BuycPanel Blog

BuycPanel Blog

Latest news and updates

How can you Allow Users of Jailed Shells to Access Additional Directories

Posted by Allura on 26 06 2019.

A Brief Overview
In order to allow users of Jailed shells to access additional directories one has to create a custom jailed shell mount.                         The following document outlines the process to be followed in order to create such a custom mount, thereby enabling access for the jailed shell users.How to Create a Custom Mount
To create a custom mount enabling the users of jailed shells to access any additional directories, one has to follow and execute the steps outlined below:Using a preferred text editor, one must Create a file, that is, the –/var/cpanel/jailshell-additional-mounts file.One must then List each separate directory as an ‘absolute’ or a ‘fully-qualified’ one on separate succeeding lines. For instance, one can list then as follows –/usr/local/test1
/usr/local/test2
/usr/local/test3
Warning:
One should not append a trailing slash to the directory names or use relative paths in listing them. For instance, if one wishes to specify the /usr/local/test1 directory, then one should…

A Brief Overview

In order to allow users of Jailed shells to access additional directories one has to create a custom jailed shell mount.                         The following document outlines the process to be followed in order to create such a custom mount, thereby enabling access for the jailed shell users.

How to Create a Custom Mount

To create a custom mount enabling the users of jailed shells to access any additional directories, one has to follow and execute the steps outlined below:

  • Using a preferred text editor, one must Create a file, that is, the –

/var/cpanel/jailshell-additional-mounts file.

  • One must then List each separate directory as an ‘absolute’ or a ‘fully-qualified’ one on separate succeeding lines. For instance, one can list then as follows –

/usr/local/test1
/usr/local/test2
/usr/local/test3

Warning:

One should not append a trailing slash to the directory names or use relative paths in listing them. For instance, if one wishes to specify the /usr/local/test1 directory, then one should not enter the directory name in the list in any of the following ways:

test1/ – for this entry contains a trailing slash after the directory name and would indicate it being a relative directory.

test1 – for this entry would indicate it to be a relative directory.

/usr/local/test1/ – for this entry contains again, a trailing slash.

/usr/local/test1 /usr/local/test2 /usr/local/test3 – for this entry is not listed on separate lines, but on the same line.

This is significant as failing to correctly format the directories in the /var/cpanel/jailshell-additional-mounts might result in a server failure.

  • Finally, having ensured that all of the directories have been entered and listed correctly, Save the custom mount File.

Note:

It has to be kept in mind that custom mounts are read-only files for jailed shell users.

How to Unmount a Custom Mount

To unmount a custom one has to run or use the ‘unmount’ command and not merely remove an entry from the /var/cpanel/jailshell-additional-mounts file.

For instance, in order to unmount the /usr/local/foo one has to run the following command:

umount /home/virtfs/username/usr/local/foo

It is important to remember that if and when a user logs out of the jailed shell account,  the system does not unmount custom mounts.

Note:

One should replace the username with that of the particular cPanel user.

Concluding Thoughts

The given document then details the lucid process to be followed in order to grant jailed shell users access to additional directories. Further, It also provides the information necessary to undo the process if required.