I have Ispconfig 3.0.2.1 installed on Ubuntu 10.04 LTS according to the installation instructions. Jailkit is version 2.11-1. When I create a chrooted SSH user the session is dropped as soon as it is started. With the following output... Code: Linux ispconfig.bkwsu.eu 2.6.32-33-server #72-Ubuntu SMP Fri Jul 29 21:21:55 UTC 2011 x86_64 GNU/Linux Ubuntu 10.04.3 LTS Welcome to the Ubuntu Server! * Documentation: http://www.ubuntu.com/server/doc System information as of Tue Nov 1 08:21:13 GMT 2011 System load: 0.0 Processes: 137 Usage of /: 23.5% of 8.25GB Users logged in: 1 Memory usage: 43% IP address for eth0: 192.168.0.29 Swap usage: 0% Graph this data and manage this system at https://landscape.canonical.com/ 6 packages can be updated. 0 updates are security updates. Last login: Tue Nov 1 08:09:33 2011 from xxx-xxx-xx.zone3.bethere.co.uk Connection to myserver.com closed. /var/log/auth contains the following record... Code: Nov 1 08:21:13 ispconfig sshd[4342]: Accepted password for userintranet from 78.105.1.254 port 60907 ssh2 Nov 1 08:21:13 ispconfig sshd[4342]: pam_unix(sshd:session): session opened for user userintranet by (uid=0) Nov 1 08:21:14 ispconfig sshd[4415]: Received disconnect from 78.105.1.254: 11: disconnected by user Nov 1 08:21:14 ispconfig sshd[4342]: pam_unix(sshd:session): session closed for user userintranet I read in other posts that the user must be created by the reseller, not admin. I have tried both and get the same result. The entries in /etc/passwd and /etc/group are... Code: userintranet:x:5005:5005::/var/www/clients/client1/web2/./home/userintranet:/bin/false Code: sshusers:x:5002:web1,web2,web3,web5 ispapps:x:5003:www-data ispconfig:x:5004:www-data client1:x:5005:www-data The directory, /var/www/clients/client1/web2/./home/userintranet, is owner:group as web2:client1. The message in the log, "disconnected by user" is strange. I am logging in using openssh on Ubuntu. I can log in to any other server I use using the same client. Also worth noting that I have two separate Ispconfig 3 installations. Both behave in the same way.
Login to ispconfig, disable the shell user, click save, then enable the shell user and wait at least a minute. Then try to login again.
Hi Till, Thanks for the amazingly fast response! I just tried disabling the account, waiting a few minutes, enabling the account, waiting a few minutes. No change. I then tried disabling the account, re-enabling immediately after Save, waiting a few minutes. Again, no change. I'm curious, should the shell in /etc/passwd really be /bin/false?
No, the shell must be the chroot shell from jailkit. This might be related to a bug in your ispconfig version. Please update your server to ispconfig 3.0.3.3 and then disable / enable the shell user again.
Hi Till, After upgrading and running /usr/local/ispconfig/server/server.sh at the command line I found the problem. I had symlinked /var/www and /var/lib/mysql to a data partition and this was causing some upset. Trying to bind-mount it caused other problems (unable to create hardlinks to /var/run) so I mounted the whole /var directory to the data partition. Everything is working now and the shell defined in /etc/passwd is now /usr/sbin/jk_chrootsh. Thanks for all your help! Regards...
