How to Create Custom Jailed Shell Mounts

Last modified: February 19, 2024


Overview

You can create custom jailed shell mounts to let users access additional directories on the server. You can also allow custom access to files.

Create custom mounts

You can create custom mounts for files and directories.

Important:

Custom mounts are read-only for jailshell users.

Add directories to a custom mount

To add directories to a custom mount, perform the following steps:

  1. Create the /var/cpanel/jailshell-additional-mounts file with your preferred editor.

  2. In this new file, add each directory as an absolute directory path on a separate line. For example:

    1
    2
    3
    
    /usr/local/test1
    /usr/local/test2
    /usr/local/test3
    Warning:

    Do not use relative paths or append trailing slashes to the directory names. For more information, read the Specifying paths section below.

  3. Save the file.

Add files to a custom mount

To add files to a custom mount, perform the following steps:

  1. Create the /var/cpanel/jailshell-additional-files file with your preferred editor.

  2. In this new file, add each file as an absolute directory path on a separate line. For example:

    1
    2
    3
    
    /usr/local/test1.txt
    /usr/local/test2.txt
    /usr/local/test3.txt
    Warning:

    Do not use relative paths. For more information, read the Specifying paths section below.

  3. Save the file.

Specifying paths

You cannot use relative paths, and you can’t append a trailing slash to the directory names. For example, if you wish to add the /usr/local/test1 directory, add it in the following format:

/usr/local/test1

Do not enter the path in these formats:

  • test1 — This is a relative path.
  • test1/ — This is a relative path and contains a trailing slash.
  • /usr/local/test1/ — This contains a trailing slash.
  • /usr/localtest1 /usr/local/test2 /usr/local/test3 — These are not on separate lines.
Warning:

If you do not format the file and directory paths correctly, your server may fail.

Unmount a custom mount

Important:

You cannot remove an entry in the /var/cpanel/jailshell-additional-mounts file to unmount a custom mount. To unmount the custom mount, use the umount command.

To unmount the /usr/local/example directory, run the following command, where username represents the cPanel user:

umount /home/virtfs/username/usr/local/example

The system does not unmount custom mounts when the user logs out of the jailed shell account.

Additional Documentation