Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I am running SSHD and allow different people to login remotely. Is there a way to restrict them to specific directories?. For example if guestuser logs in, how can I allow him to search on his /home directory and another specific directory?. Also, is there a way for him to write in his home directory, but the other directory he can only read?
I hope I explained myself well
Create a new group, such as sshgroup, and add the users you want to it. Then, create a directory, such as /home/sshgroup, and chown it to root:sshgroup, and chmod it to 0750. This will give root full access to the directory, and the group read/execute access, but not write. Since users can't create files in this dir, you don't have to worry about changing the permissions on new files.
But what I want is something like this.
if I am guest, when I log in, I go to the /home/guest directory where I can read-write-execute, but I also can only read a specific directory. Is there a way to do that??
Yes, something like that. I want the user to read-write his home directory and to read only a completely different one.
/home/guest = read-write -execute
/files/music = read-only
And no permission to any other directories in the upper levels
Well, they have to have normal user access to the upper directories to be able to do anything after they have SSHed into the system. They will need /bin, /usr, etc. It's just like they are logging-in to the computer at the keyboard... Each user will already have full access to his home dir. As root, make a /home/music and give it 0775 permission. This will allow anybody to read / execute in the directory.