LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-30-2012, 11:47 PM   #1
autotron
LQ Newbie
 
Registered: Apr 2012
Posts: 2

Rep: Reputation: Disabled
changing home directories help


I have a website set up and running, but now have a person who is going to help me with some design of the site, I am trying to create an account for him and have his home directory in the same directory as the site files but not have permission to stray elsewhere.
I added the user in the normal fashion
adduser name
passwd pass
this created a directory /home/name
but my files for site are in /var/www/html
so I searched and found usermod so tried
usermod -d /var/www/html name
now i tried login name to see where this user would go and if it worked and yup it logged me right into /var/www/html as it should but now as name I can use cd .. and go any where in any directory
when i tried changing to higher directory just after creating name i would get permission denied if i tried higher up but now since using moduser i never get that message.
My question is how can i create a user and lock that user to /var/www/html ?
 
Old 05-01-2012, 12:32 AM   #2
gr0undzer0
Member
 
Registered: Apr 2012
Location: Alexandria, VA
Distribution: Fedora
Posts: 46

Rep: Reputation: 1
I would create a group. Then apply settings to only that folder by giving the group ownership of that folder. a combo of chown and chmod should do the trick.

Further reading may be found here : http://www.firewall.cx/general-topic...rmissions.html

---------- Post added 05-01-12 at 12:32 AM ----------

I would create a group. Then apply settings to only that folder by giving the group ownership of that folder. a combo of chown and chmod should do the trick.

Further reading may be found here : http://www.firewall.cx/general-topic...rmissions.html
 
Old 05-01-2012, 12:46 AM   #3
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,357

Rep: Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989
I would create a chrooted jail for the user, and loop mount /var/www/html into it.
 
Old 05-01-2012, 09:56 AM   #4
autotron
LQ Newbie
 
Registered: Apr 2012
Posts: 2

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by suicidaleggroll View Post
I would create a chrooted jail for the user, and loop mount /var/www/html into it.
How would I go about this, I am a total newbie to this and have just basic skills
 
Old 05-01-2012, 05:02 PM   #5
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,357

Rep: Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989Reputation: 1989
Quote:
Originally Posted by autotron View Post
How would I go about this, I am a total newbie to this and have just basic skills
It depends on what distro this is. Usually, launching a Google search for something along the lines of "how to create a chroot jail Debian" will give you the guides you need (for Debian, at least).

The basic idea is to create a new directory somewhere on the filesystem which will become the new "root" for the user. When they do a "pwd", everything will be referenced to this new root. For example, if you created your chroot in /usr/local/chroot/, and then created a new user with a home directory in /usr/local/chroot/home/user, when they logged into their home directory and ran a "pwd", all they would see is "/home/user", they wouldn't see that their "/home/user" is actually "/usr/local/chroot/home/user" on the real filesystem.

Once you create the chroot for them, you just need to fill it up with the required libraries and executables for them to be able to log in (ssh, bash, etc), and then configure their profile to use it. That will be the hardest part of the process. Once you get the chroot jail working and are able to ssh into it, adding access to /var/www/html is as easy as:
Code:
mount --bind /var/www/html /usr/local/chroot/var/www/html
Replacing /usr/local/chroot with wherever you decided to put it. At that point when the user logs in, the only things he'll be able to see, read, or access, are his home directory, the few executables and libraries you stuck in the chroot to enable logging in, and /var/www/html.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Changing directories in Sabayon. mwarwick Linux - Newbie 1 03-23-2008 08:23 PM
changing permissions only for directories xpucto Linux - Newbie 2 03-11-2007 06:09 AM
Apache Root/Home Directory and setting up FTP for home directories? Mankind75 Linux - Newbie 6 07-23-2006 03:37 PM
Changing Permissions on Directories... bob4432 Linux - Newbie 6 06-25-2004 03:50 PM


All times are GMT -5. The time now is 07:14 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration