cagefs and some questions
Forum
  1. Forums
  2. CloudLinux and Control Panels
  3. CloudLinux and cPanel
  1. Manuel Kissoyan
  2. Wednesday, 04 January 2012
  3.  Subscribe via email
cagefs, ssh
Rate this post:
  1. 04.01.2012 08:01:53
  2. # 1
Manuel Kissoyan Accepted Answer
Posts: 23
Joined: 16.03.2011
0
Votes
Undo
Hi there,

Im looking to have cagefs on my severs for current jailshell users and i have some questions.
Although i see there are a instructions to install in a specific cpanel server, looks like there isnt any plugin or graphical way to active per user as it have currently for jailshell or shell in WHM.
Should i proceed to first disable all the shell/jailshell at cpanel and then enable cagefs for the desired users?
What happen if by error once cagefs is enabled in a user i go ahead and enable cpanel jailshell for that same user, this will somehow create a conflict?

IS there any eta for a non-beta version?

Thanx in advance!
  1. 04.01.2012 09:01:23
  2. # 2
John MacKenzie Accepted Answer
Posts: 14
Joined: 02.04.2011
0
Votes
Undo
I have a few questions as well

1) I recently went through some hoops to get rssh setup so that i can provide users scp access. so does this actually allow someone to ssh or scp into the server if active without having ssh enabled? I read the docs but really am still unclear.

2) does it only create 1 set of extra binaries (unlike jailshell which creates a new set for every user)?

thanks
  1. 04.01.2012 13:01:49
  2. # 3
Igor Seletskiy Accepted Answer
Posts: 1200
Joined: 09.02.2010
0
Votes
Undo
1. You would still need to enable SSH for the user -- like you would regularly do it. It just that would not see anyone on the server but themselves, and their ability to do any damage (or to discover any info they shouldn\'t be able to discover) highly diminished.

2. Yes, one set of binaries for all.

3. Wait for CageFS 3.0 -- should be coming out tomorrow... or I will start firing my developers :)
  1. 13.01.2012 20:01:16
  2. # 4
Manuel Kissoyan Accepted Answer
Posts: 23
Joined: 16.03.2011
0
Votes
Undo
I see beta 3.0 is out and looking the cpanel plugin images i see they are listing the user that you wish to enable/disable cagefs, wondering if it only show the already cpanel jailshell or shell enabled users or it list all the server users?

Thanx!
  1. 14.01.2012 10:01:17
  2. # 5
Igor Seletskiy Accepted Answer
Posts: 1200
Joined: 09.02.2010
0
Votes
Undo
1. CageFS covers shell, cron jobs and web sessions. Enabling cagefs for the user will make sure that if user executes anything via any of this 3 vectors, it will be caged.
2.You should disable JailShell when using CageFS (as cagefs provides similar infrastructure + more).
3. If user has shell enabled, his shell session will be caged (as long as he has CageFS enabled), if shell is disabled -- he will not have shell access.
  1. 14.01.2012 11:01:28
  2. # 6
Manuel Kissoyan Accepted Answer
Posts: 23
Joined: 16.03.2011
0
Votes
Undo
Thanx Igor...to clarify, in my case i only provide Jailshell to users so in this case i have to disable jailshell, then enabled Shell and then enable cagefs? Or simply disabling jailshell and enabling cagefs it will automatically enable shell too in cpanel?

Or i have to go to enable shell and then enable cagefs for those users?

Thanx again!
  1. 14.01.2012 21:01:04
  2. # 7
Igor Seletskiy Accepted Answer
Posts: 1200
Joined: 09.02.2010
0
Votes
Undo
Disable JailShell, enable cagefs, and then enable shell.
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Guest
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.