InstantSSH v2.0.0 unknown error when creating SSH permissions

MR_LOLKOPF · Oct 14th 2014

Hello!

First: Nuxwin, thanks for your great plugin!!!! I will donate soon, when PayPal finally unlocked my account. Long story. Some problems with an customer at eBay...

Some specifications:

Debian 7.6 (Wheezy)
today updated to the newest version from the 1.1.x branch
Apache FPM
Dovecot

The log file /var/log/imscp/Plugin_module_InstantSSH.log is empty.

So, when I create an SSH Permission, the status is "Unknown error". I tried it with 2 different customers. In the SQL table "instant_ssh_permissions" under "ssh_permission_status" the fields are clear. I've added some screenshots.

What's wrong? My fault?

Thanks in advance!

**Nuxwin** · Oct 14th 2014

@MR_LOLKOPF

Hello ;

Please, enable the debug mode in the imscp.conf file, set the ssh_permission_status field to tochange in the instant_ssh_permissions table and then run as root:

Shell-Script

# perl /var/www/imscp/engine/imscp-rqst-mngr

Once you get an error, post the output and the /var/log/imscp/Plugin_module_InstantSSH.log content here

MR_LOLKOPF · Oct 14th 2014

Hello,

here the /var/log/imscp/Plugin_module_InstantSSH.log file:

Code

[Tue Oct 14 15:48:27 2014] [debug] iMSCP::EventManager::register: Registering listener on the 'onBeforeAddImscpUnixUser' event from Plugin::InstantSSH::_init
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::EventManager::register: Registering listener on the 'beforeHttpdDelDmn' event from Plugin::InstantSSH::_init
[Tue Oct 14 15:48:27 2014] [debug] Modules::Plugin::_exec: Executing Plugin::InstantSSH::run() action
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::Execute::execute: Executing command: /usr/bin/pkill -KILL -f -u vu2014 sshd
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::Execute::getExitCode: External command exited with value 1
[Tue Oct 14 15:48:27 2014] [debug] InstantSSH::JailBuilder::addFstabEntry: Adding /var/www/virtual/domain1.de /var/chroot/InstantSSH/shared_jail/var/www/virtual/domain1.de$
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::File::save: Saving file /etc/fstab
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::Execute::execute: Executing command: mount 2>/dev/null | grep -q ' /var/chroot/InstantSSH/shared_jail/var/www/virtual/domain1.de '
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::Execute::getExitCode: External command exited with value 0
[Tue Oct 14 15:48:27 2014] [debug] InstantSSH::JailBuilder::addUserToJail: Adding vu2014 entry in /etc/security/chroot.conf
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::File::save: Saving file /etc/security/chroot.conf
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::Execute::execute: Executing command: /usr/sbin/usermod -d /var/www/virtual/domain1.de/./ -s /bin/ash vu2014
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::Execute::getExitCode: External command exited with value 8
[Tue Oct 14 15:48:27 2014] [debug] Plugin::InstantSSH::_addSshPermissions: usermod: user vu2014 is currently used by process 11093
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::Execute::execute: Executing command: /usr/bin/pkill -KILL -f -u vu2003 sshd
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::Execute::getExitCode: External command exited with value 1
[Tue Oct 14 15:48:27 2014] [debug] InstantSSH::JailBuilder::addFstabEntry: Adding /var/www/virtual/domain2.de /var/chroot/InstantSSH/shared_jail/var/www/virtual/domain2.de none bind $
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::File::save: Saving file /etc/fstab
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::Execute::execute: Executing command: mount 2>/dev/null | grep -q ' /var/chroot/InstantSSH/shared_jail/var/www/virtual/domain2.de '
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::Execute::getExitCode: External command exited with value 0
[Tue Oct 14 15:48:27 2014] [debug] InstantSSH::JailBuilder::addUserToJail: Adding vu2003 entry in /etc/security/chroot.conf
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::File::save: Saving file /etc/security/chroot.conf
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::Execute::execute: Executing command: /usr/sbin/usermod -d /var/www/virtual/domain2.de/./ -s /bin/ash vu2003
[Tue Oct 14 15:48:27 2014] [debug] iMSCP::Execute::getExitCode: External command exited with value 8
[Tue Oct 14 15:48:27 2014] [debug] Plugin::InstantSSH::_addSshPermissions: usermod: user vu2003 is currently used by process 9691

Display More

I hope this helps!

After I runned "perl /var/www/imscp/engine/imscp-rqst-mngr" the field "ssh_permission_status" has been cleared. In the output of the request manager is no error or something like that.

**Nuxwin** · Oct 14th 2014

@MR_LOLKOPF

Ok, it's a little bug (eg,the usermod command cannot modify some user properties when the user is already used by a process. For now, I only kill any SSH process which belong to the user but I forgot about CGI processes and CO

From man usermod

Code

...
CAVEATS
You must make certain that the named user is not executing any processes when this command is being executed if the user's numerical user ID, the user's name, or the user's home directory is being changed. usermod checks this on Linux, but only check if the user is logged in according to utmp on other architectures.
...

In my code, I modify the use home... OUCH.

I'll fix that now by changing the homedir manually

Sorry for the disagreement

**Nuxwin** · Oct 14th 2014

@MR_LOLKOPF

Should be fixed. See https://github.com/i-MSCP/plug…9b4656ec56aff58cb90d85656

I'll release the version 2.0.1 now

**Nuxwin** · Oct 14th 2014

@MR_LOLKOPF

Ok, the new version 2.0.1 is now released. Update your current version, then change the status fields again to tochange if needed and try again

**Nuxwin** · Oct 14th 2014

@MR_LOLKOPF

Any news?

MR_LOLKOPF · Oct 14th 2014

@Nuxwin

Sorry for the late resonse, I was not @ home.

Status is now OK and I can connect without problems! GREAT!

Nuxwin, you're amazing!

MR_LOLKOPF · Oct 14th 2014

I'm not sure if this is normal behavior or not.

When I enter:

ls /var/www/virtual

as a customer, I can see all domains for which I enabled InstantSSH. Should this be so?

**Nuxwin** · Oct 14th 2014

Hello ;

This is normal because, by default, the plugin create a shared jail. In the shared jail, the customers can list the /var/www/virtual directory (so they can see the domains list) but they cannot look at their content normally. If you don't like such behavior, you must edit the plugin configuration file and set the shared_jail option to FALSE. Once it's done, you must update the plugin list to trigger change. The plugin will remove the shared jail and create a jail per customer. Be aware that this can take time (depending of number of user which have ssh permissions).

BTW: Next time, create another thread (one problem, one thread)

InstantSSH v2.0.0 unknown error when creating SSH permissions

Share

Daily visitors