Unix user associated with Virtualmin not jailed

TheRobLP · July 29, 2025, 12:15pm

SYSTEM INFORMATION
OS type and version	Ubuntu 24.04.2 LTS
Virtualmin version	7.30.8

So, I am having an issue with Virtualmin regarding jailkit. I made a virtual server with a user that is supposed to be able to login to SSH. But the issue is, I don’t want him to have access to all files. Currently the user can cd outside of the home directory and read files, but I want to contain the user to his home directory. I read that there should be an option called “Chroot jail domain Unix user?” somewhere, but I can’t seem to find it. Any help would be appreciated

Thanks in advance!

Joe · July 30, 2025, 4:14am

You can only jail the domain owner user, as far as I know.

Ilia · July 30, 2025, 7:38am

Do you mean a jailed user? If so, this user will only see itself in /home, and all other files like /etc will also be part of the jail.

Joe · July 30, 2025, 6:50pm

They said they see no option to jail the user, which means they aren’t talking about a domain owner user, they’re talking about an ssh user created in the Edit Users page for a domain, which, as far as I know, cannot be jailed in the Virtualmin UI (no technical reason there couldn’t be such an option, but I don’t believe there is).

Ilia · July 30, 2025, 7:00pm

No, those are also jailed.

Are you talking about a top-level virtual server or a sub-server? If it’s the latter, there was a bug I just fixed a few days ago that didn’t jail additional users for the sub-server. It is supposed to work for the top-level domain already though.

TheRobLP · August 1, 2025, 7:17am

Hey there. The issue is about a top-level virtual server.

Ilia · August 1, 2025, 8:27am

Can you grep on the username in /etc/passwd after creating it when the jail for the domain is enabled?

stefan1959 · August 1, 2025, 8:29am

I tested a dev machine, you can get past /home (for a user, not domain owner)but it limited and I guess its for the limited commnds the user can use correct?

TheRobLP · August 3, 2025, 10:32am

I can’t enable the jail. The option is not there. Just had a thought: Is it because I am using the GPL version of Virtualmin?

Ilia · August 3, 2025, 10:35am

No, that’s not the reason. Basic jail functionality is available in the GPL version too.

What is the output of the following commands on your system:

uname -a
cat /etc/os-release
webmin --versions
dpkg -l jailkit

TheRobLP · August 3, 2025, 3:43pm

Okay, so: I don’t know what the heck was wrong because I am 100% certain I never touched any Jailkit config before but I tried just re-installing Jailkit and it worked for some reason.

Joe · August 3, 2025, 8:18pm

If you installed using our install script according to our documentation, you should have already had jailkit installed.

TheRobLP · August 4, 2025, 10:20am

No, here is the thing: JailKit WAS installed. But Virtualmin didn’t pick it up for some reason. The funny thing is, the Webmin part of the program did recognize it.

Ilia · August 4, 2025, 10:55am

Either way, we’re glad to hear you managed to figure it out.

system · August 12, 2025, 10:56am

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.