Applicable to:
- Plesk for Linux
Symptoms
-
On a Linux-based server that runs Plesk Obsidian, Chrooted directories exist in the subscription's directory:
# ls -la /var/www/vhosts/example.com/
drwx--x--- 13 user psaserv 4096 Apr 24 10:02 .
drwxr-xr-x 546 root root 20480 Apr 24 10:00 ..
drwxr-xr-x 2 root root 4096 Apr 24 10:02 bin
drwxr-xr-x 2 root root 4096 Apr 24 10:02 dev
drwxr-xr-x 2 user psacln 4096 Apr 24 10:00 error_docs
drwxr-xr-x 2 root root 4096 Apr 24 10:02 etc
drwxr-x--- 5 user psaserv 4096 Apr 24 10:00 httpdocs
drwxr-xr-x 3 root root 4096 Apr 24 10:02 lib
drwxr-xr-x 2 root root 4096 Apr 24 10:02 lib64
drwx------ 2 user root 4096 Apr 24 10:00 logs
drwxrwxrwt 2 root root 4096 Apr 24 10:02 tmp
drwxr-xr-x 3 root root 4096 Apr 24 10:02 usr
drwxr-xr-x 3 root root 4096 Apr 24 10:02 var -
In Plesk > Domains > example.com > Hosting & DNS > Hosting the SSH access type is set to Forbidden:
-
In Plesk > Tools & Settings > Scheduled Tasks > Settings, the Crontab shell option is set to /bin/bash (chrooted):
-
In the Plesk configuration database (
psa
), in the tablemisc
, the parametercrontab_secure_shell_compatibility_mode
is not enabled:# plesk db
MariaDB [psa]> select param, val from misc where param = 'crontab_secure_shell_compatibility_mode';
Empty set (0.00 sec)
Cause
These folders are created upon multiple conditions:
-
Chrooted shell is enabled for the domain (in this case, the folders are removed, if it is disabled)
-
Command which uses OS binaries (like
wget
,curl
,echo
,cat
, etc..) is used in the Scheduled Tasks (in this case, the folders are created and will remain as is)
Resolution
-
Go to Tools & Settings > Scheduled Tasks (Cron jobs) > Settings.
- Set the option Crontab shell as /bin/sh and click OK or Apply to save the changes.
Click on a section to expand
-
Connect to the server via SSH
-
Delete the chrooted directories for the Subscription example.com by executing the following command:
# plesk sbin chrootmng --remove --target=/var/www/vhosts/example.com --source=/var/www/vhosts/chroot
Comments
0 comments
Please sign in to leave a comment.