Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
I run a combined chroot environment. A few normal accounts, and a couple of dozen that are FTP and SFTP only. Those are chrooted. The parent folder must belong to root, the home folders belong to root, the subfolders belong to the client, and virtual subfolders that are bind mounted from other locations are mounted RO. Getting it this way was NASTY, and required a LOT of reading about OpenSSH requirements ans settings, and vsftp requirements and settings, and then a LOT of trial and error.
I think my configuration might be a level or two more restrictive than your group could live with. If, however, I could get my requirement working by hitting the documentation and how to circuit, then you should be able to as well.
My first thought was that you were not understanding the requirements correctly, but it may be that I am not understanding your words properly. I will not give detailed advice at this time, but do not lose hope. This CAN be done.
Last edited by wpeckham; 03-26-2015 at 09:12 PM.