- Shell Users FAQ
- What is a Jailed Shell? Why is it beneficial?
- I've started looking at how the jailed shell works on InterWorx. I have noticed there is a limited amount of commands one can run - especially the stop and start of users site container. How do I enable certain commands in shell for users using jailed shell?
- How do I add commands to the jailed shell?
Shell Users FAQ
What is a Jailed Shell? Why is it beneficial?
A jailed shell is a shell user with limited access to the file system.
This is a security precaution, and highly recommended because with normal ssh access the user will have access to complete file system and will be able to access anything that does not have permissions that specifically preclude it.
For example, this means that the user can read configuration files from PHP scripts with password info in them (unless permissions on them were manually changed post install) and install things in directories chmod’d to 776 / 777 like temporary directories.
I've started looking at how the jailed shell works on InterWorx. I have noticed there is a limited amount of commands one can run - especially the stop and start of users site container. How do I enable certain commands in shell for users using jailed shell?
Use the jk_cp command:
from a root shell:
jk_cp /chroot /usr/bin/command-you-want-to-install
How do I add commands to the jailed shell?
The jailed shell deliberately has a limited amount of commands one can run.
If you deem that your users need access to another command you use the jk_cp command from the root shell to add the command you want to enable for example. jk_cp /chroot /usr/bin/command-you-want-to-install
| Use this with caution as most of the commands which were excluded were done so as a security precaution! |
