hi guys, i have set up a vsftpd jail and it works OK
i jail them by setting the sshd_config
match group xxx
let say user1, homedir= /data/group1
user2, homedir= /data/group2
user3, homedir= /data/group1
user3 is same group with user1, so their home directory will be the same, and will be jailed under the same directory.
rwxr-xr-x root root group1
rwxr-xr-x root root group2
i can use user1,2,3 winscp and it will jail under their directory.
the jail issue works perfectly, until i need to create another group call operator, where the operator will need to access and edit whatever he needs
so i setfacl -R -m g
now ls -l
drwxrwxr-x+ root root group1,group2
now the operator can do whatever he wants, but the vsftpd jail function no longer works.
when i winscp, it will says software error.
if i remove the w permission for the operator group
make the directory becomes
rwxr-xr-x root root group1, then the jail function works again, but the operator will not have any write permission anymore
how can i have the operator group to have full permission, while the jail functions work together