CL+CageFS+DA - Weird disk space for user / memory
Forum
  1. Forums
  2. CloudLinux and Control Panels
  3. CloudLinux and DirectAdmin
  1. Anonymous User
  2. 19.02.2021
  3.  Subscribe via email
I have a problem (I tried to find similar topics without results).

My server:
Disks (soft raid 1) - 3TB
128G RAM

1 Problem
I have a package for example 10G in Directadmin and I just created user with this.

user A - 10G
ssh access
cagefs

When I log into the user accont I see:
[[email protected] ~]$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/md1 64G 7.7G 53G 13% /
/dev/md3 3T 4.9G 3T 1% /tmp
tmpfs 63G 908K 63G 1% /run/dbus
tmpfs 63G 0 63G 0% /dev/shm

from root: quota -v test
Disk quotas for user test (uid 1006):
Filesystem blocks quota limit grace files quota limit grace
/dev/md1 84 0 0 23 0 0
/dev/md3 148 10485760 11534336 99 1000000 1100000

Why user can see whole of diskspace? I mean 3TB of whole disk if is jailed in cagefs and has correct quota?

2 Problem
user can see whole of available and taken RAM

[[email protected] ~]$ free -m
total used free shared buff/cache available
Mem: 128580 1773 118818 8 7987 125579
Swap: 0 0 0

Is it possible to hide whole available ram from user?
Rate this post:
  1. 19.02.2021 08:02:13
  2. # 1
Posts: 285
Joined: 31.01.2017
0
Votes
Undo
Hi,

LVE/CageFS is not meant to be a containerization technology, so it works as expected from what I can see. Here's what CageFS restricts:


  • Only safe binaries are available to user
  • User will not see any other users, and would have no way to detect presence of other users & their user names on the server
  • User will not be able to see server configuration files, such as Apache config files.
  • User's will have limited view of /proc file system, and will not be able to see other users' processes
  1. 19.02.2021 11:02:56
  2. # 2
Max Accepted Answer
Posts: 0
Joined: 13.04.2021
0
Votes
Undo
Ok, I understand. I was wondering about this cause I have few servers with basic centos and debian with chrooted users and also quota enabled and user can only show what have in quota.

User A with 10GB see only 10GB without any of other params so I was wondering why cloudlinux shows all informations.
Yes CageFS is the best if we are talking about security after few tweak (like symbolic links etc from your documentation) and all of your advantages.

I was wondering, just like that.

Tell me also - You documents are only about CL7 but CL8 was rolled out many months ago. CL8 is still unstable/testing?

https://docs.cloudlinux.com/cloudlinux_installation/#installing-new-servers

even your screens>
https://docs.cloudlinux.com/cloudlinux_installation/#installing-cloudlinux-os-8-from-iso-image

have "testing" info.
  1. 19.02.2021 12:02:54
  2. # 3
Posts: 285
Joined: 31.01.2017
0
Votes
Undo
Thank you for bringing that up to our attention - we will update the images soon.
Yes, CloudLinux OS 8 is stable and can be used on production systems.
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Max
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.

EU e-Privacy Directive

This website uses cookies to ensure you get the best experience using our website and services. If you prefer we don’t use cookies, please disable them in your browser.

You have declined cookies. This decision can be reversed.

You have allowed cookies to be placed on your computer. This decision can be reversed.