Tag Archives: CageFs

14Jun/16

Move cagefs-skeleton directory from /usr/share to another partition

CageFS is a virtualized file system and a set of tools to lock each system user in its own ‘cage’. Each customer will have its own fully functional CageFS, with all the system files, tools, etc.  For a cageFS enabled user only safe binaries are available, user will not see any other users  etc are the main benefits of CageFS.

CageFS creates individual namespace for each user, making it impossible for users to see each other’s files and creating high level of isolation. These safe files for each users are created by default on a folder location /usr/share/cagefs-skeleton.

Sometimes you need to move this cagefs-skeleton directory  from /usr/share to another partition like /home due to low free disk space available in the /usr partition. Below are the steps we used to achieve the same.

# cagefsctl --disable-cagefs 

This command will disable cagefs in the server.

 #  cagefsctl --unmount-all

This command will unmount all mount points created by cagefs.

To ensure all mount points created by cagefs are unmounted successfully please issue below command.

# cat /proc/mounts | grep cagefs 

if you see any cagefs entries, execute “cagefsctl –unmount-all” again and cagefs still exists please issue below command.

# /usr/share/cagefs-plugins/hooks/jail_shell_disable.sh

# mv /usr/share/cagefs-skeleton /home/cagefs-skeleton 

This command will move the folder from /usr to /home (which is having more free disk space).

 #  ln -s /home/cagefs-skeleton /usr/share/cagefs-skeleton

This commnad will create a softlink from /usr/share/cagefs-skeleton to /home/cagefs-skeleton where the actual files exits.

 # cagefsctl --enable-cagefs

This command will enable cagefs in the server.

If we doing this in cPanel servers, then in cPanel WHM choose “Server Configuration” and go to “Basic cPanel/WHM Setup”, then change Additional home directories default value to blank not “home”. If we haven’t set this option, then cPanel will create new accounts in incorrect places.

We encourage your valuable comments below if you encounter any issues while following this article.

08Oct/13

Premature end of script headers: wredirect.cgi

If you are getting Internal Server Error while doing /webmail /whm /cpanel , please check the apache error log.

For us it was like the below error

[Tue Oct 08 08:14:44 2013][error][client x.x.x.x] Premature end of script headers: wredirect.cgi
[Tue Oct 08 08:14:44 2013][error][client x.x.x.x] File does not exist: /home/user/public_html/500.shtml

A temporary fix is to disable Suexec from WHM from the drop down at  Home »Service Configuration »Configure PHP and suEXEC and save. But in this case you are compromising the security.

This is actually a known bug  and if you are using cagefs then please do the below steps to fix this permanently

cagefsctl --remount-all
service proxyexecd restart

Continue reading