Issue
- When login to a server the following warning appears:
!!!! WARNING: YOU ARE INSIDE LVE !!!!"
- CageFS enabled SSH users can list others home directories names
Environment
- CloudLinux OS
Solution
1. Login as the server root and perform the following:
yum reinstall pam_lve
2. After you install RPM, ensure that the following lines were added into the PAM config files:
session required pam_lve.so 500 1 wheel,other
Where:
-
500: This is the minimum UID. Users with a UID below this number (likeroot, which is 0) are not placed into an LVE. -
1: This is the minimum GID. -
wheel,sysadmins: This is a comma-separated list of groups to exclude from LVE.
pam_lve.so [min_uid] [min_gid] [group1],[group2]
If not:
Add the user USERNAME to the wheel group:
sudo usermod -aG wheel USERNAME
3. The PAM configuration files location is the following:
/etc/pam.d/sshd
/etc/pam.d/su
Cause
Misconfigured PAM LVE module.
This warning shown because once such user gains root, a user will be inside LVE, and all applications restarted by that user will be placed inside that user LVE as well.
This behavior can be avoided by adding the user/group into a 'wheel' group, as such users will not be placed inside LVE.
If needed, extra users/groups, that will not be inside LVE, can be added by following instruction from LVE PAM module
Useful links
More information can be obtained here:
Comments
0 comments
Please sign in to leave a comment.