Shell access is not working in cagefs+cpanel server


  • #2
    Hi,

    We can enable users to ssh using normal shell in cpanel after installing cagefs.

    It connects for 1 sec and connection is closed.

    This is the ssh log,

    Jun 6 14:33:05 colXXXXx sshd[11008]: Accepted password for videofan from 115.119.57.2 port 47862 ssh2
    Jun 6 14:33:05 colXXXXx sshd[11008]: pam_unix(sshd:session): session opened for user videofan by (uid=0)
    Jun 6 14:33:05 colXXXXx sshd[11008]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session
    Jun 6 14:33:06 colXXXXx sshd[11153]: Received disconnect from 115.119.57.2: 11: disconnected by user
    Jun 6 14:33:14 colXXXXx sshd[11191]: Accepted password for videofan from 115.119.57.2 port 47866 ssh2
    Jun 6 14:33:14 colXXXXx sshd[11191]: pam_unix(sshd:session): session opened for user videofan by (uid=0)
    Jun 6 14:33:14 colXXXXx sshd[11191]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session
    Jun 6 14:33:15 colXXXXx sshd[11213]: Received disconnect from 115.119.57.2: 11: disconnected by user


    • #3
      What is in your:
      /etc/pam.d/sshd

      What is the shell from /etc/passwd for that user?


      • #4
        I am facing this problem too.

        Code:
        cat /etc/pam.d/sshd

        #%PAM-1.0
        auth       required     pam_sepermit.so
        auth       include      password-auth
        account    required     pam_nologin.so
        account    include      password-auth
        password   include      password-auth
        # pam_selinux.so close should be the first session rule
        session    required     pam_selinux.so close
        session    required     pam_loginuid.so
        # pam_selinux.so open should only be followed by sessions to be executed in the user context
        session    required     pam_selinux.so open env_params
        session    optional     pam_keyinit.so force revoke
        session    include      password-auth
        auth       required     pam_shells.so
        session    required     pam_lve.so      100     1

        My user's shell in /etc/passwd is /bin/bash.

        The moment I disable cagefs for this user using cagefsctl --disable username, I can again ssh to server without a problem.

        Regards,


        • #5
          Do you get any error message when you attempt to login?


          • #6
            Yeah the same as Dennis John mentioned..

            Code:
            Jul 11 09:48:51 test-1 sshd[889501]: Accepted password for suhastest from 122.182.0.38 port 47103 ssh2
            Jul 11 09:48:51 test-1 sshd[889501]: pam_unix(sshd:session): session opened for user suhastest by (uid=0)
            Jul 11 09:48:51 test-1 sshd[889501]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session


            • #7
              Try doing:
              id USERNAME
              lvectl destroy _ID_
              where _ID_ is the user id from previous user
              And then try logging in again.
              If that doesn't work, please contact our support at helpdesk.cloudlinux.com


              • #8
                And I am using cagefs-3.5-2.el6.cloudlinux.x86_64


                • #9
                  This thread might be quite old, but I have been unable to find any others with the correct fix.

                  As this is CloudLinux with LVE/CageFS, the standard fix below, suggested by people for standard Linux, does not work:
                  Edit /etc/pam.d/sshd and comment out the below line:
                  session required pam_loginuid.so

                  The workaround is to comment out the line used by CageFS/LVE:
                  session required pam_lve.so 500 1

                  A full fix for this would be greatly appreciated, as we would like to have everything secure and working.


                  • #10
                    Well, we would really like to investigate the issue; however, the symptoms should be different from a 3-year-old thread. Could you please show us more information about what exactly is not working and what /var/log/secure and /var/log/messages are saying?

                    Removing "session required pam_lve.so" is not a fix; you simply disable lve/cagefs functionality altogether for ssh sessions.


                    • #11
                      Thread is not letting me post...


                      • #12
                        Now to post the link to the real information it wasn't letting me post...


                        • #13
                          What is the home location for blacksheep? (grep blacksheep /etc/passwd)

                          And also show me the content of /etc/cagefs/cagefs.base.home.dirs file.


                          • #14
                            Home directory is /home/blacksheep.

                            This was the contents of /etc/cagefs/cagefs.base.home.dirs:
                            mount_basedir=1
                            ^/var/www/vhosts/[^/]+

                            I added the below line and was able to log in through SSH:
                            ^/home/[^/]+

                            The below lines show in /var/log/secure:
                            Jul 1 21:10:24 plesk sshd[558886]: pam_unix(sshd:session): session opened for user blacksheep by (uid=0)
                            Jul 1 21:10:24 plesk sshd[558886]: lastlog_openseek: Couldnt stat /var/log/lastlog: No such file or directory
                            Jul 1 21:10:24 plesk sshd[558886]: lastlog_openseek: Couldnt stat /var/log/lastlog: No such file or directory

                            Jul 1 21:30:34 plesk sshd[560170]: syslogin_perform_logout: logout() returned an error
                            Jul 1 21:30:34 plesk sshd[560170]: pam_unix(sshd:session): session closed for user blacksheep

                            Also /var/log/messages:
                            Jul 1 21:03:20 plesk pam_lve[558466]: Error Entering into CageFS -1 Invalid regexps: no match for path to base home directory

                            I am unable to "su".

                            After some searching, I am thinking I should create a "wheel" group. cPanel has this feature built in (our other server), but the one with the issue is Plesk. Unless there is something else that should be done outside of Plesk?


                            • #15
                              Hello,

                              > Home directory is /home/blacksheep.

                              Did you check this in your /etc/passwd as we wrote you before?
                              If yes, and the homedir is located in /home, then you have a custom Plesk configuration, because users' homedirs are located in /var/www/vhosts by default on a Plesk server.

                              Is there any chance to change it back to the default settings (/var/www/vhosts)? After this you should also remove ^/home/[^/]+ from /etc/cagefs/cagefs.base.home.dirs and run cagefsctl --remount-all.

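A pre-flight check for the mismatch diagnosed in posts #13 to #15, added here as an example; it is not part of the thread and not CloudLinux tooling. It lists login accounts whose home directory matches none of the patterns in a cagefs.base.home.dirs-style file, which is the condition behind the "no match for path to base home directory" message. The function name `unmatched_homes`, the default minimum UID of 500 and the sample accounts are assumptions, and `grep -E` only approximates how CageFS evaluates the patterns.

```shell
#!/bin/sh
# Added example (not CloudLinux code): list accounts whose home directory matches
# none of the patterns in a cagefs.base.home.dirs-style file.
# Assumption: matching is approximated with POSIX extended regexes via grep -E.

# unmatched_homes PASSWD_FILE HOME_DIRS_FILE [MIN_UID]
# Prints "user:home" for each login account that no pattern covers.
unmatched_homes() {
    passwd_file=$1; dirs_file=$2; min_uid=${3:-500}
    # Keep regex lines only: drop blanks, comments and key=value options
    # such as mount_basedir=1.
    patterns=$(grep -Ev '^[[:space:]]*($|#|[A-Za-z_]+=)' "$dirs_file" || true)
    # Skip system accounts and accounts without a login shell.
    awk -F: -v min="$min_uid" \
        '$3 >= min && $7 !~ /(nologin|false)$/ { print $1 ":" $6 }' "$passwd_file" |
    while IFS=: read -r user home; do
        matched=no
        while IFS= read -r re; do
            [ -n "$re" ] || continue
            if printf '%s\n' "$home" | grep -Eq -- "$re"; then
                matched=yes
                break
            fi
        done <<EOF
$patterns
EOF
        [ "$matched" = yes ] || printf '%s:%s\n' "$user" "$home"
    done
}

# Constructed sample data modelled on the thread (not real server files).
demo() {
    tmp=$(mktemp -d)
    printf '%s\n' \
        'root:x:0:0:root:/root:/bin/bash' \
        'blacksheep:x:10001:1004::/home/blacksheep:/bin/bash' \
        'siteuser:x:10002:1004::/var/www/vhosts/example.test:/bin/bash' \
        > "$tmp/passwd"
    printf '%s\n' 'mount_basedir=1' '^/var/www/vhosts/[^/]+' > "$tmp/dirs"
    echo "before: $(unmatched_homes "$tmp/passwd" "$tmp/dirs")"
    printf '%s\n' '^/home/[^/]+' >> "$tmp/dirs"
    echo "after:  $(unmatched_homes "$tmp/passwd" "$tmp/dirs")"
    rm -rf "$tmp"
}
demo
```

On a real server the arguments would be /etc/passwd and /etc/cagefs/cagefs.base.home.dirs; any account it prints is one whose home directory no listed pattern covers.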