jailshell

Hi all I'm after some advice if anyone can help. We have a server configured to use PHP-FPM along with http2. I've received one of the "Security Advisor notifications" emails from the server recommending we install mod_ruid2 and change users to jailshell. What would fall out of installing...

cPanel v94 on Alma 8. Out of the box, the cPanel jailshell environment doesn't include the files under /etc/crypto-policies. This breaks crypto-policies(7) and can cause unexpected/undesired behavior across various processes (kerberos, (lib)openssh, (lib)openssl, etc). As one example that...

Environment: Alma Linux 8.5.latest, cPanel 94.0.23 LTS Jailshell users get a minor error when logging into command line (ie using 'Terminal' or via SSH): sed: can't read /usr/share/Modules/init/.modulespath: No such file or directory The error is coming from this section of...

in my server CentOs 7 we have some users with jailshell when they run the commandcat /etc/passwdthey can see ALL users and the complet file. that is normal in LINUX ? how I can avoid that?

I've enable EXPERIMENTAL: Jail Apache but now every time I hit return on terminal I get this notice: -jailshell: /usr/local/lp/bash_eternal_history: Read-only file system Could you please tell me how to resolve this. I looked in my .bashrc and couldn't find anything related to this file...

I've been using PHP Codesniffer with some additional rulesets installed via Composer on several accounts to test PHP code before I upgrade the PHP version. Currently, I've got PHP Codesniffer installed on each account where I use it in the users' /home folder and added the path to each users'...

I just got an request from a PHP developer who claims that curl is not working from PHP in a JailShell account while compiled into Apache. Is this a security feature or some misconfiguration on my side?

A cron that has been running for many years has suddenly stopped working with this error: /usr/local/cpanel/bin/jailshell: https://www.xxxxxxxx.net.au/coin_cron/bills.php: No such file or directory bills.php is still here, so what am I doing wrong? Any assistance would be greatly appreciated.

When not using mod_ruid2 then why still getting warning message from cPanel Security Advisor?

Hello, i trying to find out how is safe to give ssh to users on shared hosting? All i can found is some old forum posts (about 10 years old). cPanel hosting server + CSF and without cloudlinux or other software Any link text or thought?

Can you confirm whether or not the bin => logrotate will work for the user? I have custom conf for logrotate within their user space.

Hi there. This morning some crontab processes stopped working as expected. After checking the basics, I surprisingly found that my crontab for user accounts was touched! So above every uncommented line, I found this: SHELL="/usr/local/cpanel/bin/jailshell" So cPanel somehow "touched" my...

Hello, This issue is first reported at cpanel uses jailshell for cron (problem) but no solution provided. We are running cPanel on CentOS 7.2 and since last week we see /usr/local/cpanel/bin/jailshell being abused by spammers. We see jailshell called many times pushing 100% CPU and RAM, and...

I know that JailShell keeps a user inside their own folder. If a user's folder is on home2, cPanel automatically puts a symlink on home pointing to their folder so that services can always use home and not care where their folder really is. With JailShell, however, it will not allow a user to...

Hello, I received this error today, while trying to login remotely, using SSH: lock file /home/virtfs/_lock/32865 created by pid 68579 was not removed before the process died. *** glibc detected *** -jailshell: double free or corruption (out): 0x00000000025caba0 *** I was logging in to try...

Hi all, Are jailshell users supposed to have access to these files? /etc/pki/tls/certs/ca-bundle.crt which is a symlink to /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /etc/pki/tls/certs/ca-bundle.trust.crt which is a symlink to /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt...

Hello I have noticed that user who have jail shell access , he can access 80% of server data. and this is very risky. Is there any way to prevent this ? or is there any way to copy all users commands execuated via jailshell to safe location so that he can not clear those ? in...

I wanted to reply to an old thread but couldn't. The thread was just too old. But the the suggestion in there by mynameanu's solved a major headache for me today... It started (after migrating to a new server) with an email pipe to a PHP script throwing a "no input file specified" error. The...

I want maximum security for cpanel accounts, so one cant influence other injecting/seeing each other files, what this option do regarding this? should i enable it by default? none of my users have SSH access.. is it only about SSH access this feature?

Hello, please how can i enable mod_ruid and jailshell on my whm server? It is adviced by this post: https://forums.cpanel.net/f185/solutions-handling-symlink-attacks-202242-p23.html#post1397221 and there too: http://www.sysadmindiaries.com/2013/07/how-to-prevent-cpanel-apache-symlink.html...