[ CageFS 6.0-34+]
CageFS --sanity-check utility allows to check CageFS configuration consistency, so that an administrator can save the time investigating issues with CageFS and ensure that custom configuration is correct.
To start run the command:
At the moment 7 types of check are implemented:
1.Check cagefs mount points exists - reads cagefs.mp file and verifies if the directories specified in it really exist on the disk. To learn more visit https://docs.cloudlinux.com/index.html?mount_points.html and https://docs.cloudlinux.com/index.html?split_by_username.html
2.Check cagefs users.enabled is directory - ensures that if /etc/cagefs/users.enabled exists, then it is a directory, not a file (if it is recognized as a file, then it would cause a breakdown).
3.Check cagefs users.disabled is directory - ensures that if /etc/cagefs/users.disabled. exists, then it is a directory, not a file (if it is recognized as a file, then it would cause a breakdown).
4.Check cagefs disable.etcfs exists - checks if /etc/cagefs/etc.safe/disable.etcfs exists.
5.Check cagefs users can enter cagefs - chooses two users in the system with enabled CageFS (the first and the second ones in the unsorted list) and tries to log in to CageFS under their credentials and see what happens. It runs su -l "$USER" -s /bin/bash -c "whoami" and compares the output with the $USER and su command retcode estimation.
Note. If log in fails, it can be on different reasons, that can only be determined in manual mode. The checker only gives the output of the command.
6.Check cagefs proxy commands configs are parsable - tries to load /etc/cagefs/*.proxy.commands files and parse them to check the syntax. In case of any parsing error the test will fail. To learn more visit https://docs.cloudlinux.com/index.html?executing_by_proxy.html.
7.Check cagefs virt.mp files syntax - reads all /var/cagefs/*/*/virt.mp files (if any) and checks their syntax validity. At the moment there are only two checks of the syntax: the file is not empty if it exists, and the file is not starting with the sub directory definitions (with @). To learn more visit https://docs.cloudlinux.com/index.html?per_user_virtual_mount_points.html
Possible results of the checks:
•OK - the check succeeded.
•FAILED - the check revealed a problem.
•SKIPPED - the check was skipped as it made no sense in such environment (e.g. wrong control panel) or can not be performed for some reason (e.g no users with enabled CageFS found). The actual result does not mean that a problem exists and can be considered as positive.
•INTERNAL_TEST_ERROR - the check failed because of a problem inside the checker itself. Must be reported to the developers.
In case if at least one of the checks resulted neither OK nor SKIPPED then the checker will end with ret code >0.