changing home directories help
I have a website set up and running, but now have a person who is going to help me with some design of the site. I am trying to create an account for him and have his home directory in the same directory as the site files, but not have permission to stray elsewhere.
I added the user in the normal fashion: adduser name, then passwd pass. This created a directory /home/name, but my files for the site are in /var/www/html, so I searched and found usermod, and tried usermod -d /var/www/html name. Now I tried login name to see where this user would go and if it worked, and yup, it logged me right into /var/www/html as it should. But now, as name, I can use cd .. and go anywhere in any directory. When I tried changing to a higher directory just after creating name, I would get permission denied if I tried higher up, but now since using moduser I never get that message. My question is: how can I create a user and lock that user to /var/www/html?
I would create a group. Then apply settings to only that folder by giving the group ownership of that folder. A combo of chown and chmod should do the trick.
Further reading may be found here: http://www.firewall.cx/general-topic...rmissions.html
I would create a chrooted jail for the user, and loop mount /var/www/html into it.
The basic idea is to create a new directory somewhere on the filesystem which will become the new "root" for the user. When they do a "pwd", everything will be referenced to this new root. For example, if you created your chroot in /usr/local/chroot/, and then created a new user with a home directory in /usr/local/chroot/home/user, when they logged into their home directory and ran a "pwd", all they would see is "/home/user", they wouldn't see that their "/home/user" is actually "/usr/local/chroot/home/user" on the real filesystem.

Once you create the chroot for them, you just need to fill it up with the required libraries and executables for them to be able to log in (ssh, bash, etc), and then configure their profile to use it. That will be the hardest part of the process.

Once you get the chroot jail working and are able to ssh into it, adding access to /var/www/html is as easy as:

Code:
mount --bind /var/www/html /usr/local/chroot/var/www/html
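
The "fill it up with the required libraries and executables" step from the post above, sketched as an added example that is not part of the original thread: it copies a shell and every library ldd reports into the jail, refuses to continue if a library is unresolved, then does the bind mount. It assumes bash lives at /bin/bash and that ldd is available; the function names and the --build switch are hypothetical.

```shell
#!/bin/sh
# Added example: fill a chroot with a shell and the libraries it links against.
# JAIL and the /var/www/html bind mount are the paths used in the post above.
JAIL=${JAIL:-/usr/local/chroot}

# Constructed ldd-style output, used only to show what the parsers accept.
SAMPLE_LDD='    linux-vdso.so.1 (0x00007ffc0000)
    libtinfo.so.6 => /lib/x86_64-linux-gnu/libtinfo.so.6 (0x00007f000000)
    libexample.so.1 => not found
    /lib64/ld-linux-x86-64.so.2 (0x00007f100000)'

# Read ldd output on stdin; print each resolved absolute library path.
lib_paths() {
    awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) { print $i; break } }'
}

# Read ldd output on stdin; print libraries the loader could not resolve.
missing_libs() {
    awk '/=> not found/ { print $1 }'
}

# Copy one file into the jail at the same absolute path it has on the host.
copy_into_jail() {    # $1 = jail root, $2 = absolute host path
    mkdir -p "$1$(dirname "$2")" && cp -L "$2" "$1$2"
}

# Copy a binary plus every library ldd reports; fail if any are unresolved.
# ldd can run the target's loader, so only point it at trusted system binaries.
add_binary() {        # $1 = jail root, $2 = absolute path of binary
    deps=$(ldd "$2") || return 1
    unresolved=$(printf '%s\n' "$deps" | missing_libs)
    if [ -n "$unresolved" ]; then
        echo "unresolved libraries for $2: $unresolved" >&2
        return 1
    fi
    copy_into_jail "$1" "$2" || return 1
    printf '%s\n' "$deps" | lib_paths | while read -r lib; do
        copy_into_jail "$1" "$lib" || exit 1
    done
}

# Run as root with --build: populate the jail, then bind-mount the site into it.
if [ "${1:-}" = "--build" ]; then
    add_binary "$JAIL" /bin/bash || exit 1
    mkdir -p "$JAIL/var/www/html"
    mount --bind /var/www/html "$JAIL/var/www/html"
fi
```

A bind mount made this way does not survive a reboot unless it is also recorded in /etc/fstab.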