Hi folks, I have a nice ISPConfig running on a CentOS 6.5 with Jailkit and many other things (thanks for the amazing ThePerfectServerHowTo from this site). I create Shell Users an assigned them to Jailkit and everything go smoothly (after modifying a bit the /etc/passwd file, as you all know). Well, now I'd like to include the JAVA application into the Jail. I've used the ISPConfig Panel to do that, but a chroot'ed user still cannot launch java binary. And now is when I'm kindly asking you for some help here Thanks.
Hi all, I've tried with a bunch of guides, the most promising ones are: - http://olivier.sessink.nl/jailkit/howtos_debug_jails.html - https://kittblog.com/article/6/webs...shell/586/jailkit-java-in-der-chrooted-shell/ But still failing. PLEASE, someone can give me hand?
Hi, Did you solve the issue. Because I have facing same issue. CentOS 7.8 1. Installed java18 in folder /opt/jdk-18 2. Create a shell user in ISPConfig Panel for web21 3. Add the following lines in end of the /etc/jailkit/jk_init.ini Code: [java_libraries] comment = necessary file to execute java program paths = /opt/jdk-18/bin 4. Run "jk_init -v /var/www/clients/client2/web21 java_libraries" Code: usr/bin/var/www/clients/client2/web21/bin WARNING: section /var/www/clients/client2/web21 does not exist in /etc/jailkit/jk_init.ini Create directory /var/www/clients/client2/web21/opt Traceback (most recent call last): File "/usr/sbin/jk_init", line 261, in <module> main() File "/usr/sbin/jk_init", line 258, in main activateConfig(config, jail, args) File "/usr/sbin/jk_init", line 173, in activateConfig ji.handle_cfg_section(config,jail,cfg,section) File "/usr/sbin/jk_init", line 119, in handle_cfg_section self.didfiles = jk_lib.copy_binaries_and_libs(chroot, paths2, config['force'], config['verbose'], check_libs=1, try_hardlink=config['hardlink'],try_glob_matching=1,handledfiles=self.didfiles) File "/usr/share/jailkit/jk_lib.py", line 668, in copy_binaries_and_libs create_parent_path(chroot,os.path.dirname(file), be_verbose, copy_permissions=1, allow_suid=allow_suid, copy_ownership=retain_owner) File "/usr/share/jailkit/jk_lib.py", line 485, in create_parent_path os.mkdir(jailpath, dir_mode) OSError: [Errno 13] Permission denied: '/var/www/clients/client2/web21/opt' 5. Even I unable to create folder in jail, I unable to use mv function to move file to jail within root login Also I don't know the exact "paths = " full value for java usage Please help me to use java in jailed shell user.
The directory /var/www/clients/client2/web21 is protected, you must remove protection before adding new folders to it. Run first: chattr -i /var/www/clients/client2/web21 then run the jk_init command and finally run: chattr +i /var/www/clients/client2/web21
Awesome. Thank you very much for the very fast reply. Yes. jk_init command is working now without error. But still I unable to use java command within jail even I re-entered into SSH Code: bash-4.2$ java bash: java: command not found Where is the problem I think, I did not complete the "paths =" value in jk_init.ini Please anybody modify and give me the following values for JDK18 (/opt/jdk-18) Code: paths = /usr/lib/jdk1.6.0_22/bin/java, /lib/libpthread.so.0, /lib/libdl.so.2, /lib/libc.so.6, /usr/lib/jdk1.6.0_22/jre/lib, /lib/libm.so.6, /lib/libm-2.5.so, /proc/meminfo ( got it from here )
Resolved it for command not found error, resolved by execute following command in jail user login: Code: export PATH=$PATH:/opt/jdk-18/bin after that I got insufficient memory error. 1. Root user login: Add ", /proc/meminfo" in "jk_init.ini => [java_libraries] => paths" as follow Code: [java_libraries] comment = necessary file to execute java program paths = /opt/jdk-18/bin, /opt/jdk-18/lib, /proc/meminfo 2. Root user login: run the jk_init command. 3. Jail user login: Code: mount --bind /proc /var/jail/proc Working as expected. Enjoy Note: Next I am trying to execute PostgreSQL commands psql and postgres in jail
