|If you run custombuild, the jailed script portion of this guide is in the options.conf.|
#Jailed shell (beta)
./build all_jailThe "./jail/jail_user.sh user" (from the custombuild dir) would be used for each user you want to jail. The remaining httpd.conf and other options from this guide still apply.
1) First, install the scripts and binaries (note, currently for apache 1.3.x only):
2) It's recommended you make backups of /etc/passwd, /etc/shadow, /etc/group, and /etc/master.passwd (if you have it)
cp -f /etc/passwd /etc/passwd.backup
3) To jail a specific user, this command is used:
SetEnv JAIL_DIR |HOME|would need to be added to their virtualhosts (where home is their home directory, eg: /home/username).
Note that php through apache is not jailed, so enableing safemode and open_basedir would be recommended.
To *automate* the jailing process, you can create /usr/local/directadmin/scripts/custom/user_create_post.sh and fill it with:
chmod 755 /usr/local/directadmin/scripts/custom/user_create_post.sh
To automate the cgi jailing, then the SetEnv option has to be added to any virtualhost that is to use the jailing. Create /usr/local/directadmin/scripts/custom/domain_create_post.sh with the following:
4) Since a user can be created without ssh, and it gets added later, we'll need to create a user_modify_post.sh script as well, but since it's the same code, we'll just create a symbolic link.
ln -s user_create_post.sh /usr/local/directadmin/scripts/custom/user_modify_post.sh
Note, that the jail_user.sh isn't going to be very speedy as it has to transfer over all program binaries and libraries that would be needed inside the jail. This takes time. It also takes a huge amount of space that will not be counted in the users total disk usage.
|Which folders are skipped from a DirectAdmin backup?|
© 2003 JBMC Software, Suite 173 3-11 Bellerose Drive, St Albert, AB T8N 1P7 Canada. Mon-Fri 9AM-5PM MST