Usermin user can view directory tree even though most of said tree cannot be accessed (chroot jailed). results in lots of errors

2 posts / 0 new
Last post
#1 Wed, 03/13/2019 - 18:46

Usermin user can view directory tree even though most of said tree cannot be accessed (chroot jailed). results in lots of errors

logged into usermin file manager as an account on the virtual server that i just created using virtualmin itself. I did nothing manually!

I enabled chroot jails, and the user is chrooted to a jail.

trouble is, when one selects the file manager, the user is then able to view a very large directory tree in usermin file manager. If the user then attempts to navigate using the directory tree, they simply get repeated errors one after the other on anything they click on saying essentially "you dont have permission to access this".

the only way to navigate without errors is to use the linear tree that runs horizontally above the actual directory window itself.

This is a terrible way to have this programme and something is seriously wrong here. A person without the right level of access should not be able to view directories with root:root ownership? If they are in a jail, surely that is the only directory said user can view in the hierarchy tree in usermin filemanager?

I sense either i have something seriously stuffed up (and i dont know how that can be when virtualmin was insalled on a fresh system with the automated installer script), or there is a major problem here.

In the meantime, i am going to have to close port 20000 to usermin completely until this gets resolved.

I ahve tried to search forums to find anything about it, but not really seeing anything. If anyone has links to help out with this it would be appreciated.

Wed, 03/13/2019 - 19:06

i also forgot to mention...i do not have any problems with the usermin file manager when i dont chroot jail the virtual server user in virtualmin>administration options>Edit owner limits> Chroot jail domain unix user

So i have one virtual server where usermin file manager appears to be viewing the correct user:group directories (ie virtual server owner:virtual server owner) when i am not using chroot jail.

And i have a second virtualmin virtual server where i do use chroot jail....shit hits the fan and i have the above mentioned problems as outlined in the title of this thread.

see image of what i am talking about

AJECreative is the home of $5 webhosting, $15/month VPS servers (1cpu,1gb RAM, 25GB storage)
Centos7, Debian9, or Ubuntu18LTS
Available Control Panels = Centos-Webpanel, Cyberpanel, or Virtualmin

Topic locked