I noticed that all Jailed (in ISPConfig) users are no longer jailed. Accessing by SFTP Their home is /var/www/clients/clientX/webY/home/user_name and they can browser all directories. What could have happened? Is it possible to reset Jailkit with ISPConfig3?
Check if the paths of the users in /etc/passwd still contain the /./ at the web root and that their shell is still the jailkit shell and not /bin/bash. No, the jails are created when the first jailed user gets added, therefor the resync function can not reset a jail.
Thanks for quick reply. /etc/passwd of last created user looks like web67:x:5049:5007::/var/www/clients/client3/web67:/bin/false new_user:x:5019:5007::/var/www/clients/client3/web27/./home/new_user:/usr/sbin/jk_chrootsh old users looks like: web51:x:5038:5006::/var/www/clients/client2/web51/./home/old_user:/usr/sbin/jk_chrootsh old_user:x:5038:5006::/var/www/clients/client2/web51/./home/old_user:/usr/sbin/jk_chrootsh In ISPConfig3 Shell User > Shell is /bin/bash for all users.
Hmm, strange. Maybe you can try to manually update the jail with jk_update command http://olivier.sessink.nl/jailkit/jk_update.8.html
Please could you kindly show me an example of the command? I'm spaced out and I'm afraid to do damage. The command should be run for each user? Thanks.
Thank you. jk_update fixed all users except web26 previously wrongly indicated as web67. jk_update -j /var/www/clients/client3/web26 did not fix and returned ERROR: failed to remove deprecated file /var/www/clients/client3/web26/usr/share/vim/vim72 ERROR: while scannign dir /var/www/clients/client3/web26/opt/: No such file or directory I also tried to re-create web26 user getting a different behaviour but without success. This user (which before led me astray) can now authenticate but not access SFTP/SSH (FileZilla return Error: Received unexpected end-of-file from SFTP server) I found that someone solved this changing in /etc/ssh/ssh_config Subsystem sftp /usr/lib/openssh/sftp-server with Subsystem sftp internal-sftp but doing so all the users result un-jailed. I can re-create this single website from scratch but I would like to understand what happened. Thanks for help.
I cant tell you what happened with the sites as I did not had this problem before. Regarding web26 user, maybe you have to create a custom jailkit conf file and specify that at jk_update as sftp is normally not part of the default jail and you probably configured that in ispconfig to add sftp support so that ispconfig uses a custom jailkit config but the jk_update now might have just used the default config without sftp.