UnixServerAdmin

Server Administration & Management

cPanel JailShell, Unmount and Clean Virtfs [Jailshell virtfs]

NOTE:- Be careful! Don’t remove any folder which is inside /home/virtfs, NEVER. this folder links back to your systems root file system.

You might end up screwing up your server if you attempt it.

NEVER DELETE ANY FILES FROM /home/virtfs/

/home/virtfs is used to chroot the user into jailed shell. cPanel will hard link files into this directory so deleting files in /home/virtfs will also delete the files on the server in the actual location.

Example: rm /home/virtfs/user/etc/exim.pl will delete /etc/exim.pl

If you’re a sysadmin of cPanel server, you might be aware of the JailShell. Its nothing but a User Shell with limited privileges. Users requesting for shell access to the webhosting server are provided with such shell instead of bash (Which provides root level privileges to users) .

Jailshell limits the users access to their home directory and keeps rest of the file system safe. Still there are chances of such users breaking into your system, so be sure of providing shell access to your servers. Jailshell mounts the filesystems of the users, who login via SSH under a directory called /home/virtfs.  This contains users home directory and a false file system which links back to system directories like /bin, /usr etc.

So, we got to know that the Jailshell provides a restricted shell access to users and mounts the home directory temporarily at /home/virtfs.

Now, what if you still see the directories of different users mounted under /home/virtfs?

Right, this normally happens when users forget to logout properly from their SSH sessions. As a system admin,
you’re responsible to unmount these directories safely.

How do I do that?

You can find all the virtfs mounts in /proc/mounts. Run cat /proc/mounts.

# cat /proc/mounts

Now, its time to unmount them one by one. For that you have to take the second column of the output Or write a simple for loop as follows.

for i in `cat /proc/mounts | grep /home/virtfs | cut -d ‘ ‘ -f 2 ` ; do umount $i ; done

If a user is reporting double the quota and it is from /home/virtfs then we need to umount or kill and hanging jailshell process.  To do this run

# ps aufx |grep user |grep jailshell

If there are no jailshell processes then run

# cat /proc/mounts

It will show,
/dev/root /home/virtfs/user/lib ext3 rw,data=ordered,usrquota 0 0
/dev/sda2 /home/virtfs/user/usr/lib ext3 rw,data=ordered,usrquota 0 0
/dev/sda2 /home/virtfs/user/usr/sbin ext3 rw,data=ordered,usrquota 0 0
/dev/sda2 /home/virtfs/user/usr/share ext3 rw,data=ordered,usrquota 0 0
/dev/sda2 /home/virtfs/user/usr/bin ext3 rw,data=ordered,usrquota 0 0
/dev/sda2 /home/virtfs/user/usr/man ext3 rw,data=ordered,usrquota 0 0
/dev/sda2 /home/virtfs/user/usr/X11R6 ext3 rw,data=ordered,usrquota 0 0
/dev/sda2 /home/virtfs/user/usr/kerberos ext3 rw,data=ordered,usrquota 0 0
/dev/sda2 /home/virtfs/user/usr/libexec ext3 rw,data=ordered,usrquota 0 0
/dev/sda2 /home/virtfs/user/usr/local/bin ext3 rw,data=ordered,usrquota 0 0
/dev/sda2 /home/virtfs/user/usr/local/share ext3 rw,data=ordered,usrquota 0 0
/dev/sda2 /home/virtfs/user/usr/local/Zend ext3 rw,data=ordered,usrquota 0 0
/dev/sda2 /home/virtfs/user/usr/include ext3 rw,data=ordered,usrquota 0 0
/dev/sda2 /home/virtfs/user/usr/local/lib ext3 rw,data=ordered,usrquota 0 0
/dev/sda3 /home/virtfs/user/var/spool ext3 rw,noatime,nodiratime,data=ordered,usrquota 0 0
/dev/sda3 /home/virtfs/user/var/lib ext3 rw,noatime,nodiratime,data=ordered,usrquota 0 0
/dev/sda3 /home/virtfs/user/var/run ext3 rw,noatime,nodiratime,data=ordered,usrquota 0 0
/dev/sda3 /home/virtfs/user/var/log ext3 rw,noatime,nodiratime,data=ordered,usrquota 0 0
/dev/sda6 /home/virtfs/user/tmp ext3 rw,nosuid,nodev,noexec,data=ordered 0 0
/dev/root /home/virtfs/userbin ext3 rw,data=ordered,usrquota 0 0

You will need to unmount each of these by running

# umount /home/virtfs/user/tmp

and so on

You can also run

for i in `cat /proc/mounts |grep virtfs |grep user |awk ‘{print$2}’`; do umount $i; done

Make sure to replace user with the cPanel username in the above command. This will then clear up the files in /home/virtfs and the quota should return to normal. If you want to unmount the virtfs of a perticular user, you can simply add an another pipe to for condition with grep username.

Now, you’re done with cleaning of your virtfs.

December 17, 2011 Posted by | cPanel | , | 1 Comment