Jailkit issue with folder removal

Discussion in 'ISPConfig 3 Priority Support' started by variable99, Oct 29, 2025.

Page 2 of 2
  1. till

    till Super Moderator Staff Member ISPConfig Developer

    You could e.g. try to debug which exact parameters get passed to the function.
     
    till, Nov 4, 2025 at 9:48 AM
    #21
  2. variable99

    variable99 Member HowtoForge Supporter

    Here is debug info so far:

    Code:
    Tue Nov 4 13:29:01 EET 2025 04.11.2025-11:29 - DEBUG [plugins.inc:155] - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
Tue Nov 4 13:29:01 EET 2025 04.11.2025-11:29 - DEBUG [server:184] - Found 1 changes, starting update process.
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [modules.inc:192] - Replicated from master: DELETE FROM `shell_user`  WHERE `shell_user_id` = '370'
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [plugins.inc:118] - Calling function 'delete' from plugin 'shelluser_base_plugin' raised by event 'shell_user_delete'.
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [system.inc:2539] - safe_exec cmd: chattr -i '/var/www/clients/client989/web938' - return code: 0
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [system.inc:2539] - safe_exec cmd: rm -rf '/var/www/clients/client989/web938/home/xvzvgokjez/.ssh' - return code: 0
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [system.inc:2539] - safe_exec cmd: chattr +i '/var/www/clients/client989/web938' - return code: 0
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [plugins.inc:118] - Calling function 'delete' from plugin 'shelluser_jailkit_plugin' raised by event 'shell_user_delete'.
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [system.inc:2539] - safe_exec cmd: chattr -i '/var/www/clients/client989/web938' - return code: 0
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [system.inc:2539] - safe_exec cmd: killall -u 'xvzvgokjez' ; userdel -f 'xvzvgokjez' &> /dev/null - return code: 0
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [system.inc:2539] - safe_exec cmd: chattr -i '/var/www/clients/client989/web938' - return code: 0
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [system.inc:2539] - safe_exec cmd: chattr +i '/var/www/clients/client989/web938' - return code: 0
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [shelluser jailkit plugin.inc:352] - Jailkit Plugin -> delete chroot home:/var/www/clients/client989/web938/home/xvzvgokjez
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [system.inc:3026] - delete_jailkit_chroot called for /var/www/clients/client989/web938 with options Array
Tue Nov 4 13:29:02 EET 2025 (
Tue Nov 4 13:29:02 EET 2025 )
Tue Nov 4 13:29:02 EET 2025
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  unlink(/var/www/clients/client989/web938/bin): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 3074
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  rmdir(/var/www/clients/client989/web938/dev): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 972
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  rmdir(/var/www/clients/client989/web938/etc): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 972
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  unlink(/var/www/clients/client989/web938/lib): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 3074
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  unlink(/var/www/clients/client989/web938/lib64): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 3074
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  rmdir(/var/www/clients/client989/web938/usr): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 972
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  rmdir(/var/www/clients/client989/web938/var): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 972
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  rmdir(/var/www/clients/client989/web938/run): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 972
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [system.inc:3083] - delete_jailkit_chroot: removed from jail /var/www/clients/client989/web938:  /bin /dev /etc /lib /lib64 /usr /var /run
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  rename(/var/www/clients/client989/web938/home,/var/www/clients/client989/web938/private/home-2025-11-04T11:29:02+00:00): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 3093
Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [system.inc:2539] - safe_exec cmd: chattr +i '/var/www/clients/client989/web938' - return code: 0
Tue Nov 4 13:29:03 EET 2025 04.11.2025-11:29 - DEBUG [shelluser jailkit plugin.inc:363] - Jailkit Plugin -> delete username:xvzvgokjez
Tue Nov 4 13:29:03 EET 2025 04.11.2025-11:29 - DEBUG [modules.inc:205] - Processed datalog_id 85548
Tue Nov 4 13:29:03 EET 2025 04.11.2025-11:29 - DEBUG [server:224] - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
     
    Last edited: Nov 4, 2025 at 12:50 PM
    variable99, Nov 4, 2025 at 12:34 PM
    #22
  3. variable99

    variable99 Member HowtoForge Supporter

    Found the problem:
    Code:
    Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [shelluser jailkit plugin.inc:352] - Jailkit Plugin -> delete chroot home:/var/www/clients/client989/web938/home/xvzvgokjez
    This has code:
    PHP:
    $this->_delete_homedir($data['old']['dir'].$jailkit_chroot_userhome,$userid,$data['old']['parent_domain_id']);
    And '_delete_homedir' function at the end has this:
    PHP:
    $app->system->web_folder_protection($web['document_root'], true);
    It prematurely does chattr +i on users root folder so this:
    PHP:
    if(isset($web['delete_unused_jailkit']) && $web['delete_unused_jailkit'] == 'y') {
                        $this->_delete_jailkit_if_unused($web['domain_id']);
                }
    Returns this:
    Code:
    Tue Nov 4 13:29:02 EET 2025 PHP Warning:  unlink(/var/www/clients/client989/web938/bin): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 3074
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  rmdir(/var/www/clients/client989/web938/dev): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 972
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  rmdir(/var/www/clients/client989/web938/etc): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 972
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  unlink(/var/www/clients/client989/web938/lib): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 3074
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  unlink(/var/www/clients/client989/web938/lib64): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 3074
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  rmdir(/var/www/clients/client989/web938/usr): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 972
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  rmdir(/var/www/clients/client989/web938/var): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 972
Tue Nov 4 13:29:02 EET 2025 PHP Warning:  rmdir(/var/www/clients/client989/web938/run): Operation not permitted in /usr/local/ispconfig/server/lib/classes/system.inc.php on line 972
    Fix in /usr/local/ispconfig/server/plugins-enabled/shelluser_jailkit_plugin.inc.php ON SLAVE server:
    PHP:
    if(isset($web['delete_unused_jailkit']) && $web['delete_unused_jailkit'] == 'y') {
                        $app->system->web_folder_protection($web['document_root'], false);
                        $this->_delete_jailkit_if_unused($web['domain_id']);
                }
     
    Last edited: Nov 4, 2025 at 12:56 PM
    variable99, Nov 4, 2025 at 12:50 PM
    #23
    till likes this.
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Have you checked if the protection is turned on afterwards? If not, you will have to turn it on after line:

    Code:
    $this->_delete_jailkit_if_unused($web['domain_id']);
     
    till, Nov 4, 2025 at 1:19 PM
    #24
  5. variable99

    variable99 Member HowtoForge Supporter

    It is turned on after whole operation:
    Tue Nov 4 13:29:02 EET 2025 04.11.2025-11:29 - DEBUG [system.inc:2539] - safe_exec cmd: chattr +i '/var/www/clients/client989/web938' - return code: 0
    I would not dare to leave such a security hole.
     
    variable99, Nov 4, 2025 at 1:20 PM
    #25
Page 2 of 2

Share This Page