How To Enter Into User's CageFS As Root?
This capability is built into the main executable program for the CageFS package (cagefsctl) and as a result, should be always available as long as you have the main CageFS package (cagefs-7.1.8-1.el7.cloudlinux.x86_64) installed. Here is how you are able to enter a user's cagefs as root:
cagefsctl —enter $username
cagefsctl —e $username
Note: You need to first make sure that the user has cagefs enabled via this command:
cagefsctl --user-status $username
How To Run A Command Inside CageFS?
Note: For this feature to work you will need the lve-wrappers package on your server. And this feature is only available on version lve-wrappers 0.6-1 and above.
Sometimes you will need to execute a command as user inside CageFS. If a user has shell enabled - you can simply use:
/bin/su - $USERNAME -c “_command_”
However, if a user has their shell disabled, it wouldn't work. To solve this issue, Cloudlinux has added the following command:
/sbin/cagefs_enter_user $USERNAME “_command_”
If you disable CageFS for a user, then
cagefs_enter will be executed without
You can forcibly disable
cagefs_enter start via
proxyexec for all users (regardless if CageFS is enabled or disabled) by specifying the parameter cagefs_enter_proxied=0
/bin/cagefs_enter.proxied can be executed instead of /bin/cagefs_enter to enter CageFS without
proxyexec . Note that starting
proxyexec is necessary to enable sending local notification messages to users with enabled CageFS.
cagefs_enter is executed via
proxyexec by default.