As a server admin, I've recently made a huge mistake and removed user data inadvertently. The mistake happened because of the way that I have my filesystem setup. The OS is FC4, and the environment is multiuser and educational. To ease access to data on the server, we've approached the system build with multiple groups and users, with shared write access to many resources that are needed for class. With the idea of moving toward a fully chroot jailed environment, I had to consider access to files in areas like /var. For example, the use of darcs repositories. I created a directory /var/www/darcs, and granted write permission to the darcs group. To allow chrooting, I then mounted that directory into the user's home directories:
/var/www/darcs /home/[username]/repos none bind 0 0
This works quite well, and allows me to prevent the use of sym links, making ftp maintenance easier etc. Unfortunately, what I didn't consider was how I normally go about removing old user directories. My normal process of doing this is:
$ userdel [user]
$ rm -rf [user]
Well, because of my filesystem structure, and the fact that the /var/www/darcs directory is directly mounted in the user's home directory, the rm -rf [user] command decended into each directory within the users home directory, including the /var/www/darcs directory, and now, I have destroyed that data. I don't believe that data was production yet, but the professor spent time getting those areas setup for the students to use.
So, what's my question? Well, thinking of chroot jails, vsftp not allowing symlinks, and many other problems associated to symlinks, how would you suggest I setup the system to allow full chroot jails, and also access to shared locations of the filesystem, protecting them from stupid mistakes like mine?
Thanks for any and all suggestions!