Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
On my Fedora system, I want users to be only able to see their home directory and all the subfolders.
Right now, when I add a new user using "useradd", they can all see the content in every directory, even the "/".
What can I do to achieve this?
You'll need to use a chroot in order to achieve this.
Note, however, if they are in a chroot, they need a copy of EVERY program, even things like /bin/ls, that they will want to run, in their home directory (i.e., /home/USERNAME/bin). This can be accomplished, I think, by using hardlinks to the real files. Of course, that would only work if /home and /bin reside on the same partition. Most likely, you'll need to make full copies (or explore alternatives, like using busybox, and creating a /home/bin to which you can make hardlinks for each user).
One question about chroot:
I've managed to create a chrooted env for a user that i need in order to connect through ssh
so i copied all the needed files and created a second 'virtual hierarchy'.
The thing is:
When i connect through an ssh client, the hierarchy has:
Is there some way to make all the folders except home invisible?
Originally posted by or1onas i'll try that later and i'll tell you if it works...
btw, i did 'chmod o-r' for /usr,/bin,/dev,/lib.
Does that make a recursive change on the files too?
Not unless you did "chmod -R o-r [directory]".
I don't know if it matters, but I think you still have the subdirectories in /usr etc. listable as long as a user can guess their names (which shouldn't be too difficult for the standard directories). Why are you doing this anyhow?
You're right about the directories being listable if guessed (which is not to difficult of course), but no dir listing access is given to them to by chmod -r.
So the user can only get inside his home folder and try to cd to /bin,/lib,etc but he gets a permission denied if he tries to do an ls...
I've already said that i set up an ssh server for sftp and i created a chrooted environment for security reasons...