This object is in archive!
option to turn off jailshell for crontab
Open Discussion
With recent releases of 11.38 crontab's are now run using jailshell even if no shell access is given to a user. Please can there be an option to switch this back to previous behaviour, presumably by using normal shell as default for crontab.
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
The nosuid option breaks sendmail.
The nosuid option breaks sendmail.
Not all hosting providers want to force jailshell for this. It tends to leave orphaned virtfs mounts open, and this causes problems when trying to reboot a server.
Not all hosting providers want to force jailshell for this. It tends to leave orphaned virtfs mounts open, and this causes problems when trying to reboot a server.
Submitting this possible fix from a user. Please note that this change is meant as a suggestion to the developers, and will not function as a work around, since the code that actually handles this is compiled into the binary.
/usr/local/cpanel/Cpanel/Cron/Edit.pm
<code>
#Return value indicates whether the contents changed.
sub _force_crontab_shell {
my ( $contents_sr, $shell ) = @_;
+ return 0 if (-e "/var/cpanel/cronshell_disable");
my @crontab = split( m{\n}, $$contents_sr );
my @shell_lines = grep m{^\s*['"]?SHELL}, @crontab;
if ($shell) {
if ( scalar(@shell_lines) == 1 && $shell_lines[0] =~ m{^\s*SHELL\s*=\s*"?\Q$shell\E"?\s*$} ) {
return 0;
}
}
elsif ( !@shell_lines ) {
return 1;
}
</code>
Submitting this possible fix from a user. Please note that this change is meant as a suggestion to the developers, and will not function as a work around, since the code that actually handles this is compiled into the binary.
/usr/local/cpanel/Cpanel/Cron/Edit.pm
<code>
#Return value indicates whether the contents changed.
sub _force_crontab_shell {
my ( $contents_sr, $shell ) = @_;
+ return 0 if (-e "/var/cpanel/cronshell_disable");
my @crontab = split( m{\n}, $$contents_sr );
my @shell_lines = grep m{^\s*['"]?SHELL}, @crontab;
if ($shell) {
if ( scalar(@shell_lines) == 1 && $shell_lines[0] =~ m{^\s*SHELL\s*=\s*"?\Q$shell\E"?\s*$} ) {
return 0;
}
}
elsif ( !@shell_lines ) {
return 1;
}
</code>
Replies have been locked on this page!