1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

chrootsh broken on 10.4 upgrades

Discussion in 'Plesk 10.x for Linux Issues, Fixes, How-To' started by Hostasaurus.Com, Feb 29, 2012.

  1. Hostasaurus.Com

    Hostasaurus.Com Regular Pleskian

    30
    68%
    Joined:
    Oct 8, 2009
    Messages:
    465
    Likes Received:
    8
    On servers being upgraded from earlier Plesk 10 versions to 10.4.4, all of the new environment files that would normally be added to make chrootsh work are not added, and that prevents chrootsh users from logging in. At the very least, /bin/bash needs to be copied in, and probably the rest of /bin to make shell access not useless, the /lib64 directory for required libraries, /tmp for session data and without /dev/null, sftp doesn't work.

    Is there a command that can be run on upgraded servers that will go through every single client on the server to create the required directories or do I need to write something custom?

    I can't open a ticket until I've confirmed this is actually a bug because Parallels penalizes partners if you open a ticket and they don't consider it a bug.
     
  2. jimbob123

    jimbob123 New Pleskian

    13
    35%
    Joined:
    Mar 13, 2012
    Messages:
    13
    Likes Received:
    0
    Same problem

    Hi @Hostasaurus.Com, did you get any response to this? I have what appears to be the same problem. i.e. with the main FTP user account set to /bin/bash (chrooted) then SFTP gives an access denied error.
     
  3. Hostasaurus.Com

    Hostasaurus.Com Regular Pleskian

    30
    68%
    Joined:
    Oct 8, 2009
    Messages:
    465
    Likes Received:
    8
    Nope; but most things that are bugs tend to be ignored lol.

    We had to write a script to go through each chrooted site and copy in the contents of the /var/www/vhosts/chroot/ directory. I'd recommend using rsync because you need to preserve the sticky bit on the tmp directory and the socket file in the dev directory. There was a bit more to it than that though; since 10.2+ stupidly changed the behavior of subdomains having their own httpdocs and cgi-bin directories in /subdomains/<name>/ to one where the customer can choose any name they want for the document directory, before copying in these new directories from chroot, you have to first check to make sure the customer didn't create any subdomains and call the directories dev, etc, tmp or var.
     
Loading...