How to add the GIT ecosystem to one/all jailkit(s) in ISPConfig #
ISPConfig comes with jailkit enabled so that the “clients” that login via ssh are limited to a chroot shell with only some specific command. Every client website has its own jailkit.
Enabling a command in an existing jailkit #
If some of your ISPConfig clients need to use the GIT ecosystem you may need to enabled it in the jailkits.
By default the websites jailkits resides in /var/www/clients/clientX/webY
so with the jk_cp
command you can enable a specific command only in one website jailkit as follow:
jk_cp -j /var/www/clients/clientX/webY/ /usr/bin/git*
jk_cp -j /var/www/clients/clientX/webY/ /bin/uname
jk_cp -j /var/www/clients/clientX/webY/ /usr/share/git-core
Enabling a command in all jailkits #
First we need to add an entry for the command in the jailkit init file /etc/jailkit/jk_init.ini
:
[git]
comment = Fast Version Control System
executables = /usr/bin/git*, /bin/uname
directories = /usr/share/git-core
includesections = editors
Then in the ISPConfig section System -> Server Config -> Jailkit
we need to add the block name we used in the jk_init.ini
file.
Now every new jailkit will automatically have GIT enabled.
But I want it enabled in old ones too! #
Then you can use this script to update all your jailkits. Copy it in your system path (/usr/local/sbin/
), make it executable (chmod +x /usr/local/sbin/jk_updater_isp
) and run it!
You can even add a cronjob to keep all your jails updated!