Use this guide to convert your CentOS/AlmaLinux server to CloudLinux and install CageFS for secure, isolated user environments.
1. Download CloudLinux Deployment Script
wget http://repo.cloudlinux.com/cloudlinux/sources/cln/cldeploy2. Run the Deployment Script
sh cldeploy -iThis will start converting your current OS to CloudLinux. The server must be licensed for CloudLinux. You can purchase a license or activate a trial from CloudLinux Portal.
3. Reboot the Server
reboot4. Install CageFS
After rebooting into CloudLinux:
yum install cagefsEnable CageFS:
cagefsctl --initEnable CageFS for all users:
cagefsctl --enable-all5. Exclude Certain Binaries from CageFS
On some servers, it’s recommended to exclude the following binaries:
/usr/bin/rsync
/usr/bin/crontab
/usr/bin/ssh-keygenTo exclude them:
- Create or edit the exclusion file:
nano /etc/cagefs/conf.d/binutils.cfg- Add the following lines:
[binutils]
comment=Exclude potentially risky tools
paths=/usr/bin/rsync,/usr/bin/crontab,/usr/bin/ssh-keygen- Force update CageFS:
cagefsctl --force-update6. Add Packages to CageFS (Optional)
If you later want to add rsync or other tools back to CageFS for specific use cases:
cagefsctl --addrpm rsync
cagefsctl --updateResources
- Official docs: CloudLinux Filesystem Templates