Skip to main content

Jailed Shell/Disabled Shell prevents Email Piping

Comments

26 comments

  • cPanelMichael
    re: Jailed Shell/Disabled Shell prevents Email Piping Hello :) Could you let us know how you have setup the filter/pipe exactly? Also, does the issue persist when you enable normal shell access on the account? Thank you.
    0
  • sparek-3
    re: Jailed Shell/Disabled Shell prevents Email Piping This might have been a permission issue. I seem to see that this problem can be raised if there is a permission problem either with the script or with one of it's parent directories. I don't know if the client figured this out or what, I don't seem to be seeing the issue any more, and the client hasn't responded.
    0
  • cPanelMichael
    re: Jailed Shell/Disabled Shell prevents Email Piping Feel free to let us know if the issue persists and we can investigate further. Note that cPanel version 11.42.1.1 did address a similar issue: Fixed case 83797: Deliver all local mail outside the jail when inside the jail. Thanks.
    0
  • BlueSteam
    Hi, If I enable Jail Shell or disable shell altogether for a specific account, their email piping breaks completely. The mail is received in the inbox but the pipe program doesn't work at all. If I enable Normal shell for the user, then the Email Piping works again. The specific account I am trying to get working with jail shell is a reseller account. EDIT: I forgot to mention my server versions: CENTOS 6.6 x86_64 " ssdsvr01 WHM 11.46.2 (build 0) Please can someone assist me in figuring this one out? Thanks BlueSteam
    0
  • dan_haworth
    I too have been seeing this issue this morning since the upgrade to WHM 11.46.2 (build 2). All piped email if failing with the following error in exim_mainlog: R=virtual_aliases_nostar T=jailed_virtual_address_pipe: Child process of jailed_virtual_address_pipe transport returned 1 from command: /usr/local/cpanel/bin/jailexec Enabling normal shell for the account in question does work around the issue for now (thanks for the tip BlueSteam! - saved me some headaches..) Hope that helps, --dan [COLOR="silver">- - - Updated - - - Just thought I would add, email piping on jailed shell accounts has been working flawlessly for months until last nights update to build 2, everything since has failed.
    0
  • Infopro
    Please feel free to open a ticket directly to cPanel Technical Support about this if you like.
    0
  • dan_haworth
    Since I'm not directly responsible for these cPanel boxen (or have a support login) I've advised the powers that be of the issue and that they should log a ticket. Now I have to get back to solving other network related problems.. It's just being one of those days!! ^.^ Cheers! --dan
    0
  • okeith
    re: Jailed Shell/Disabled Shell prevents Email Piping This problem seems to have resurfaced today, scritps that were working yesterday now do not. We're using version 11.46.2 (build 2) and getting: "Child process of jailed_virtual_address_pipe transport returned 1 from command: /usr/local/cpanel/bin/jailexec". Would you advise enabling normal shell access until the issue is corrected?
    0
  • Infopro
    Merged two threads with similar issue here.
    0
  • okeith
    Thanks for merging, sorry for resurrecting tickets unnecessarily... Here's hoping there's something in the pipeline because the "enable normal shell" workaround is less than preferable for obvious reasons.
    0
  • JamieD
    I'm having this same issue also, email piping stopped working today. Switching to normal shell allowed the piping to start working again.
    0
  • cPanelMichael
    Hello :) Internal case number 156285 is open to address an issue where updating to cPanel version 11.46.2.2 results in the following error when calling the jailed_virtual_address_pipe transport: jailed_virtual_address_pipe: Child process of jailed_virtual_address_pipe transport returned 1 from command: /usr/local/cpanel/bin/jailexec
    There's currently no specific time frame available on the publication of a resolution, but I'd expect a quick turnaround time due to the nature of this bug. Feel free to monitor our change log for the inclusion of the case number: 11.46 Change Log Thank you.
    0
  • Saurabh Singla
    I was able to fix this issue by making the following changes: In your exim configuration file that is /etc/exim.conf comment the following code with # as mentioned: ======== jailed_virtual_address_pipe: driver = pipe #force_command #command = /usr/local/cpanel/bin/jailexec $address_pipe #user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}" #group = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}" return_output =============
    0
  • egillette
    Just adding to this thread -- same issue here -- started today around 8AM. Switching to normal shell did resolve the issue for now.
    0
  • jandafields
    Same here ... this is a significant problem, not that it is hard to workaround, but it affects a lot of people without warning and without an obvious fix other than this thread in the forum.
    0
  • schoeps
    So glad I found this thread, we were pulling our hair out!
    0
  • Jcats
    [quote="schoeps, post: 1813741">So glad I found this thread, we were pulling our hair out!
    Ha, as were we!
    0
  • cPanelMichael
    New builds have been published to address internal case 156285. You can manually update cPanel via "/scripts/upcp" if you prefer to update right away. Thank you.
    0
  • BlueSteam
    After running /scripts/upcp and retesting this bug, it still fails. This has not been resolved.
    0
  • cPanelMichael
    Please post the output from: cat /usr/local/cpanel/version
    Also, do you notice the same error message in /var/log/exim_mainlog? Thank you.
    0
  • JonTheWong
    11.54.0.0 still shows this error. tail -1000 /var/log/exim_mainlog | grep 1aJ7dO-0003EH-42 2016-01-12 17:41:54 1aJ7dO-0003EH-42 H=ex01.domain.tld (domain.tld) [72.143.45.158]:25271 Warning: "SpamAssassin as XXXXX detected message as NOT spam (1.6)" 2016-01-12 17:41:54 1aJ7dO-0003EH-42 <= marna@domain.tld[/EMAIL] H=ex01.domain.tld (domain.tld) [72.XXXXXXXX]:25271 P=esmtps X=TLSv1:AES128-SHA:128 CV=no S=100568 id=D594D704B1F8B34BAB7A4A19D06627400B9C3C9C@SRV-MAR-2010.Mar.local T="RE: [Ticket ID: 457782] - Website Form" for hello@user.tld[/EMAIL] 2016-01-12 17:41:54 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1aJ7dO-0003EH-42 2016-01-12 17:41:54 1aJ7dO-0003EH-42 ** |/usr/local/bin/php -q /home/user/whmcs/crons/pipe.php (hello@user.tld) R=virtual_aliases_nostar T=jailed_virtual_address_pipe: Child process of jailed_virtual_address_pipe transport returned 1 from command: /usr/local/cpanel/bin/jailexec 2016-01-12 17:41:54 cwd=/var/spool/exim 7 args: /usr/sbin/exim -t -oem -oi -f <> -E1aJ7dO-0003EH-42 2016-01-12 17:41:55 1aJ7dS-0003Er-NP <= <> R=1aJ7dO-0003EH-42 U=mailnull P=local S=102213 T="Mail delivery failed: returning message to sender" for marna@domain.tld[/EMAIL] 2016-01-12 17:41:55 1aJ7dO-0003EH-42 Completed /etc/valiases/user.tld hello@user.tld[/EMAIL]: "|/usr/local/bin/php -q /home/user/whmcs/crons/pipe.php" I can confirm that after setting this account to "Normal Shell" it started to work normally. This is a quick fix; but does not resolve the core issue. This client is partially trusted but i'd still sleep better knowing he is in jail then letting his scripts take over.
    0
  • cPanelMichael
    I can confirm that after setting this account to "Normal Shell" it started to work normally. This is a quick fix; but does not resolve the core issue. This client is partially trusted but i'd still sleep better knowing he is in jail then letting his scripts take over.

    Could you open a support ticket using the link in my signature and post the ticket number here? Thank you.
    0
  • JonTheWong
    Ticket #7430475
    0
  • quizknows
    Out of curiosity have you checked to see if the user can execute /usr/local/bin/php from within a jailed shell login (like over ssh)?
    0
  • JonTheWong
    Out of curiosity have you checked to see if the user can execute /usr/local/bin/php from within a jailed shell login (like over ssh)?

    Based on my diagnostics; he's able to run cron jobs using php NOT WORKING -> /usr/local/bin/php -q /home/user/whmcs/crons/pipe.php WORKING -> 0 0 * * * php -q /home/user/whmcs/crons/cron.php /etc/valiases/user has been broken when adding pipes for a while; We had a to manually edit the file billing@user.tld: "|/usr/local/bin/php -q /home/user/whmcs/crons/pipe.php" ^ had to be put in quotes and added the full path for it to work in 11.52 billing@user.tld: |php -q /home/user/whmcs/crons/pipe.php ^ 11.54 still removes quotes and breaks the pipe
    0
  • quizknows
    Very interesting. It does seem like the quotes would be necessary. Cron is an interesting beast; it doesn't get all the environment variables for PATH and other things that an interactive login shell is provided with. This is why often times you have to provide a full path for a cron where the command works on CLI without the full path. I hope they get this resolved for you.
    0

Please sign in to leave a comment.