Jailkit is an easy to use tool to create and maintain jail environments for shell users on Linux. In this guide, I will show you how to move PHP and its dependencies into the jail so that the jailed user can execute PHP scripts inside the jail.

Edit the jailkit .ini file and add a section for PHP at the end of the file

Open the jk_init.ini file with an editor:

nano /etc/jailkit/jk_init.ini

and paste the following lines at the end of the file:

[php]
comment = the php interpreter and libraries
executables = /usr/bin/php5
directories = /usr/lib/php5, /usr/share/php, /usr/share/php5, /etc/php5, /usr/share/php-geshi, /usr/share/zoneinfo
includesections = env

[env]
comment = environment variables
executables = /usr/bin/env

Then run the command:

jk_init -c /etc/jailkit/jk_init.ini -f -k -j /var/www/clients/client1/web1 php

To install PHP and it's dependencies into the jail.

Add PHP for all newly jailed shell users

To add PHP for all newly jailed shell users that you add in ISPConfig, follow these steps:

  1. Login to ISPConfig and go to System > Server Config
  2. Select the server and go to the jailkit tab.
  3. Add the word "PHP" separated by a white space at the end of the "Jailkit chroot app sections" field and press save.

ispconfig_jailkit

How to add PHP support for jailed SSH users in ISPConfig 3
Tagged on:         

6 thoughts on “How to add PHP support for jailed SSH users in ISPConfig 3

  • php script
    October 9, 2015 at 5:59 am
    Permalink

    Thanks for finally talking about > How to add PHP support for jailed SSH users in ISPConfig 3 < Loved it!

    Reply
  • Joseca
    April 28, 2016 at 4:38 pm
    Permalink

    Great tutorial, works perfect but I have a problem…
    When I use php5 command lots of libraries can’t be loaded, maybe I forgot something…

    Example warning:

    PHP Warning: PHP Startup: Unable to load dynamic library ‘/usr/lib/php5/20131226/pdo.so’ – /usr/lib/php5/20131226/pdo.so: cannot open shared object file: No such file or directory in Unknown on line 0

    I’m using debian 8.

    Any idea about how to fix this?

    Thanks.

    Reply
  • Charter Hosting
    August 9, 2016 at 3:32 am
    Permalink

    Do not use the [ B ][ / B ] tags around /usr/share/zoneinfo

    Example:
    directories = /usr/lib/php5, /usr/share/php, /usr/share/php5, /etc/php5, /usr/share/php-geshi, /usr/share/zoneinfo

    Also, if you use ioncube, add the path in the directories –

    Example:
    directories = /usr/lib/php5, /usr/share/php, /usr/share/php5, /etc/php5, /usr/share/php-geshi, /usr/share/zoneinfo, /usr/local/ioncube

    You may also need to add /usr/bin/php to the executables section.

    Example:
    executables = /usr/bin/php5, /usr/bin/php

    Reply
  • bbennett
    October 18, 2016 at 6:58 am
    Permalink

    Thank you for this tweak. Getting crons to work in ISPConfig has been a pain.

    Reply
  • jorge
    March 6, 2017 at 1:05 pm
    Permalink

    Please, update this post without [B] and [/B] at zoneinfo

    Reply
  • Nuke
    October 11, 2017 at 4:48 pm
    Permalink

    How does this change when using Ubuntu 16.04 which has php7.0? None of the php5’s are present.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA

*