I have ISPConfig 3.0.5.3 on CentOS 6.4 and Jailkit 2.1.5. Under System/Server Config/Jailkit, there is an entry for "Jailkit chrooted applications" which currently has the following entry: /usr/bin/groups /usr/bin/id /usr/bin/dircolors /bin/basename /usr/bin/dirname /usr/bin/nano As I understand it, any item specified on this line should be copied (or hard-linked) from the original location (/usr/bin/id) to the respective location in the jail (/var/www/clients/client1/web1/./home/username/usr/bin/id). This currently appears to not be working as I create a new site and then a new ssh user and then check the user's jailed /usr/bin and none of the programs specified above are in that location. All the items in the app sections of jk_init.ini and specified in "Jailkit chroot app sections" are copied to their respective locations in the jail appropriately. If I modify [basicshell] in the jk_init.ini to include /usr/bin/id in the paths= line, then /usr/bin/id is put in place when I create a new site and new ssh user. Other than that, Jailkit appears to be working just fine although I'm disappointed that it doesn't create the default .bash_profile and .bashrc files in /home/username when it creates the home folder location.
OK so I figured this out and feel a tad foolish after the amount of time I spent banging my head into a wall on this. The "Jailkit chrooted applications" line contains the following programs by default: /usr/bin/groups /usr/bin/id /usr/bin/dircolors /bin/basename /usr/bin/dirname /usr/bin/nano I did not add or modify this line. The problem is that nano is not installed by default in CentOS, all the others specified are there by default. Since /usr/bin/nano is not present, I am assuming that jk_cp is choking in the background somewhere on the non-existent nano and thus refusing to copy any of the others. Simply installing nano fixed the issue and now creating a new site and new ssh user copies all the applications to their correct locations. I am assuming removing /usr/bin/nano from "Jailkit chrooted applications" would have the same effect. If nano isn't present by default, you shouldn't be including it in "Jailkit chrooted applications" by default. Bug.
