Cpanel : JailShell : Virtfs Unmount

Cpanel : JailShell : Virtfs Unmount

If you’re a sysadmin of Cpanel server, you might be aware of the JailShell. Its nothing but a User Shell with limited privileges. Users requesting for shell access to the webhosting server are provided with such shell instead of bash (Which provides root level privileges to users) .

Jailshell limits the users access to their home directory and keeps rest of the file system safe. Still there are chances of such users breaking into your system, so be sure of providing shell access to your servers. Jailshell mounts the filesystems of the users, who login via SSH under a directory called /home/virtfs. This contains users home directory and a false file system which links back to system directories like /bin, /usr etc.

NOTE: Be careful! Don’t remove any folder which is inside /home/virtfs,NEVER. As I said earlier, this folder links back to your systems root file system. You might end up screwing up your server if you attempt it.

So, we got to know that the Jailshell provides a restricted shell access to users and mounts the home directory temporarily at /home/virtfs.

Now, what if you still see the directories of different users mounted under /home/virtfs?

Right, this normally happens when users forget to logout properly from their SSH sessions. As a system admin, you’re responsible to unmount these directories safely.

How do I do that?

You can find all the virtfs mounts in /proc/mounts. Run cat /proc/mounts.

Now, its time to unmount them one by one. For that you have to take the second column of the output. Or write a simple for loop as follows.

for i in `cat /proc/mounts | grep /home/virtfs | cut -d ‘ ‘ -f 2 ` ; do umount $i ; done

If you want to unmount the virtfs of a perticular user, you can simply add an another pipe to for condition with grep username.

Now, you’re done with cleaning of your virtfs.