1. Forums
  2. CloudLinux and Control Panels
  3. CloudLinux and Plesk
  1. Rich Stern
  2. Wednesday, 22 October 2014
  3.  Subscribe via email
Fresh CentOS 6.5 install, followed by Plesk 12.0.18, followed by CloudLinux and CageFS.  CageFS was initialized, users are all jailed in CageFS, and the skeleton has been updated.

When I SSH to the server as one of the domain owners, the user can still see the real contents of directories like /etc, configuration files, and so on.  Not sure why this is, and I'm hoping for some guidance on what setup step I might have missed.  I looked at the CageFS skeleton files, and the sensitive files I am seeing are not part of the skeleton.

Also, minor quality control point, perhaps an issue for the Plesk folks, but the Plesk Extensions area shows CageFS version as "0.0" and offers the description "GageFS".
Rate this post:
  1. 23.10.2014 05:10:01
  2. # 1
Bogdan Accepted Answer
Posts: 709
Joined: 26.06.2013
0
Votes
Undo
Please check if lve is enabled in ssh pam, the /etc/pam.d/sshd should contains following:

session required pam_lve.so 100 1
Also, please check account UID , and be sure it's greater then minuid (  cagefsctl --get-min-uid ).
  1. 23.10.2014 22:10:57
  2. # 2
Rich Stern Accepted Answer
Posts: 2
Joined: 22.10.2014
0
Votes
Undo
Bogdan, thanks for the reply.



/etc/pam.d/sshd file:

#%PAM-1.0
auth required     pam_sepermit.so
auth include password-auth
account    required     pam_nologin.so
account    include password-auth
password   include password-auth
# pam_selinux.so close should be the first session rule
session    required     pam_selinux.so close
session    required     pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session    required     pam_selinux.so open env_params
session    optional     pam_keyinit.so force revoke
session    include password-auth
session required pam_lve.so 500 1
~


# cagefsctl --get-min-uid
10000
  1. 24.10.2014 23:10:45
  2. # 3
Rich Stern Accepted Answer
Posts: 2
Joined: 22.10.2014
0
Votes
Undo
Any more help available on this issue?
  1. 28.10.2014 07:10:07
  2. # 4
Bogdan Accepted Answer
Posts: 709
Joined: 26.06.2013
0
Votes
Undo
Sorry, I missed your replies, I worry we would need to check the server directly. Please create a ticket in our support system and we will help you, then share a solution here.
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Guest
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.