Wondering how to add binary to CageFS for all users? We can help you.

As part of our Server Management Services, we assist our customers with similar queries.

Today, let us see how our Support techs assist with this process.

How to add binary to CageFS for all users?

When using CageFS, users may not have access to all commands.

If the command is associated with a package, you can use the instructions below to make te command available for all users:

Firstly, use the –addrpm option with the cagefsctl command:

cagefsctl --addrpm {your-command-here}

For example:

cagefsctl --addrpm rsync

Today, let us see the steps followed by our Support Techs to perform this task:

Method #1 – For adding commands or binaries that are provided by an RPM package

1. Firstly, login to the server as the root user via SSH or Terminal

2. Then, use the cagefs command with the –addrpm option to add the desired RPM package.

cagefsctl --addrpm nmap

NOTE: The –delrpm option can be used to remove RPMs that you have added in this manner.
NOTE: In this example we are adding the nmap utility to CageFS for demonstration purposes. You probably do not want to make this specific utility available to users without fully understanding the potential consequences.

3. Update the cage with the new package with the following command to make it available to all users:

/usr/sbin/cagefsctl --force-update

Method #2 – For adding individual binaries manually with Filesystem Templates

1. Firstly, login to the server as the root user via Terminal or SSH

2. Then, create a new file with a name that makes sense for the binary that you are adding. For example:

touch /etc/cagefs/conf.d/myCustomBinary.cfg

NOTE: Do not edit existing files in the /etc/cagefs/conf.d directory. CloudLinux updates will remove changes to files provided by CloudLinux, so a new file is required for any customizations.

3. Open the file that you created with the text editor of your choice and add the following configuration.

Be sure to update the specifics to match your own binary:

[my-custom-binary]
comment=This is a binary that is not typically found inside of CageFS.

paths=/bin/my-custom-binary, /usr/bin/another-custom-binary

4. Then update CageFS to include the changes:

cagefsctl --force-update

[Stuck in between? We’d be glad to assist you]

Conclusion

In short, today we saw steps followed by our Support Techs to add binary to CageFS for all users.