• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

chroot environment

A

Aristo

Guest
Hi!

I want to know if you guys can access mysql program from shell when the permission are /bin/bash (chrooted) for a domain.

When it's in /bin/bash it works fine, but the client can see the other vhost domain by doing ls.

Can someone tell me if its possible to lock the client in his root using /bin/bash (chrooted) option but can access program that are in /usr/bin

I know that in Ensim, every chroot environment have is own /usr/bin folder but not in Plesk.

Thank you in advance.
 
you can probably do this by changing the chroot template in /home/httpd/vhosts/chroot that gets installed for each domain. you would have to copy mysql and the libraries it requires to the chroot (ldd /usr/bin/mysql will show you the libraries required, libmysqlclient will probably be there) and then somehow get /var/lib/mysql/mysql.sock into the chroot, maybe via a symlink if thats possible to outside the chroot, maybe mount --bind not sure if it works for files though does for directories.
 
I was wondering if it exist a true chroot jail in Plesk with that /usr/bin without doing a work around.

Best regards,
 
The best work-around is to copy mysql into the chroot template with all needed libraries into .../chroot/lib ... then include a text file in your bin dir --

mysql_readme

and write in there that users must execute mysql as:

mysql -h 127.0.0.1 --username=[YOURUSERNAME] --password=[YOURPASSWORD] --database=[dbname]


-h uses TCP/IP to connect bypassing the need for mysql.sock
 
You must log in or register to reply here.

Similar threads

N
Issue WP-CLI for no root user
Replies
5
Views
753
Vladimir C.
V
JogoVogo
Resolved Domain (SSH) user can see other directories
Replies
11
Views
1K
JogoVogo
JogoVogo
P
Question Drupal CMS 1.0 with Plesk: Composer PATH issue for automatic updates
Replies
7
Views
1K
horvan
H
H
Question SSH user can see other subdomain directories even with chrooted shell?
Replies
3
Views
567
Raul A.
R
QWeb Ric
Resolved Removing PHP from chroot template
Replies
5
Views
1K
QWeb Ric
QWeb Ric
Back
Top