Shell-User fails to connect
Shell user cannot log in to server if jailkit (v2.21) is enabled
User should be able to login to the jail/chroot of the website
Server OS: debian Server OS version: buster ISPConfig version: 3.1.15p3
- set up a new server according to this tutorial
- As described in section 16, version 2.20 of Jailkit is installed
Result (as expected): the shell user can use Jailkit
The problem occurs if the repo 'buster-backports' is activated in the sources.list file. There the newer version 2.21 of Jailkit is included.
jailkit/buster-backports 2.21-2~bpo10+1 amd64 [upgradable from: 2.20-1]
As soon as this version is installed via upgrade, a shell user can no longer log on to the server when Jail is active.
Downgrading back to version 2.20 restores the previous functionality, if the installed
jk_init.ini is kept
Configuration file '/etc/jailkit/jk_init.ini' ==> Modified (by you or by a script) since installation. ==> Package distributor has shipped an updated version. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : start a shell to examine the situation The default action is to keep your current version. *** jk_init.ini (Y/I/N/O/D/Z) [default=N] ? n
As mentioned on the Jailkit website, the outdated utility jk_addjailuser has been removed in the new version
In the short term, a note/warning should be included in the above-mentioned tutorial. Maybe a note can be added on how to block the automatic upgrade of Jailkit (
~# apt-mark hold jailkit).
If my suspicion is correct that the missing utility jk_addjailuser causes the issue, the related scripts should be modified for future ISPConfig installations.