Skip to main content

Adding GIT to ISPConfig jailkits

How to add the GIT ecosystem to one/all jailkit(s) in ISPConfig
#

ISPConfig comes with jailkit enabled so that the “clients” that login via ssh are limited to a chroot shell with only some specific command. Every client website has its own jailkit.

Enabling a command in an existing jailkit
#

If some of your ISPConfig clients need to use the GIT ecosystem you may need to enabled it in the jailkits.

By default the websites jailkits resides in /var/www/clients/clientX/webY so with the jk_cp command you can enable a specific command only in one website jailkit as follow:

jk_cp -j /var/www/clients/clientX/webY/ /usr/bin/git*
jk_cp -j /var/www/clients/clientX/webY/ /bin/uname
jk_cp -j /var/www/clients/clientX/webY/ /usr/share/git-core

Enabling a command in all jailkits
#

First we need to add an entry for the command in the jailkit init file /etc/jailkit/jk_init.ini:

[git]
comment = Fast Version Control System
executables = /usr/bin/git*, /bin/uname
directories = /usr/share/git-core
includesections = editors

Then in the ISPConfig section System -> Server Config -> Jailkit we need to add the block name we used in the jk_init.ini file.

Now every new jailkit will automatically have GIT enabled.

But I want it enabled in old ones too!
#

Then you can use this script to update all your jailkits. Copy it in your system path (/usr/local/sbin/), make it executable (chmod +x /usr/local/sbin/jk_updater_isp) and run it!

You can even add a cronjob to keep all your jails updated!