LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page How to create a user and limit the user to a directory?
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 04-15-2009, 10:29 PM   #1
guest
Member
 
Registered: May 2003
Distribution: CentOS 5 64 bit
Posts: 253

Rep: Reputation: 30
How to create a user and limit the user to a directory?

I've been looking for this feature for months and couldn't find a solution for this. Does anyone know how to create users and limit the user to a specified directory?

Thanks in advance!
 
Old 04-15-2009, 11:17 PM   #2
gmendoza
LQ Newbie
 
Registered: Nov 2007
Distribution: Ubuntu, Debian, Slackware
Posts: 6

Rep: Reputation: 1
Search for chroot(). A useful set of utilities that make it easier to configure would be Jailkit.

http://olivier.sessink.nl/jailkit/

Others may suggest debootstrap, etc.
 
Old 04-16-2009, 01:08 AM   #3
guest
Member
 
Registered: May 2003
Distribution: CentOS 5 64 bit
Posts: 253

Original Poster
Rep: Reputation: 30
Jailkit is so difficult to use..

It requires some indepth reading.. and tons of jargons

Is there an easy way to just creating a jailed directory and create a user/password for it and allow ssh?

That's all I really need...
 
Old 04-16-2009, 02:18 AM   #4
theYinYeti
Senior Member
 
Registered: Jul 2004
Location: Nantes (France)
Distribution: Arch Linux
Posts: 1,897

Rep: Reputation: 61
It may be overkill, but still you could be interested in this article by IBM:
http://www.ibm.com/developerworks/li...xc-containers/

Yves.
 
Old 04-17-2009, 02:32 AM   #5
camh
Member
 
Registered: Feb 2005
Distribution: Slack/Debian
Posts: 159
Blog Entries: 2

Rep: Reputation: 32
http://www.fuschlberger.net/programs...p-chroot-jail/
 
Old 04-18-2009, 01:38 AM   #6
guest
Member
 
Registered: May 2003
Distribution: CentOS 5 64 bit
Posts: 253

Original Poster
Rep: Reputation: 30
I couldn't get into ssh/sftp with the jailed user login. It kicks me out right away. It doesn't even tell me pw is wrong. How would I look into this problem?

Also I've set host.domain.com to a jailed user's html directory, but when I access in my browser, it gives this error: "You don't have permission to access / on this server."

Perhaps there's something I have to enable for the jailed user? httpd perhaps?
 
Old 04-21-2009, 06:23 PM   #7
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Debian, FreeBSD
Posts: 3,749
Blog Entries: 5

Rep: Reputation: Disabled
Quote:
Originally Posted by guest
Is there an easy way to just creating a jailed directory and create a user/password for it and allow ssh?
Actually, no. This is nontrivial to do properly. Moreover, it introduces risk, because in this scenario chroot generally runs with elevated privileges (and it has a history of vulnerabilities and attack methods).

That said, I think openssh portable has chroot patches written for it (search the 'net). Alternatively, I have been OK with putting shell users in a FreeBSD Jail for the scenario you're describing. This would likely be akin to Linux-VServer for you.

So, again, the short answer is that there is no easy way to do this properly (IMO).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Limit a user to their home directory redgore Linux - General 2 08-04-2009 10:45 AM
create a new user with a different home directory cccc Debian 6 08-06-2008 05:47 AM
can i create a user for only one directory. nephish Linux - Networking 2 12-04-2005 06:49 PM
vsftpd - limit user to his/her home directory kaon Linux - Software 0 01-15-2005 12:32 AM
How can I limit my ftp user to just one directory mtn356 Linux - Software 1 10-28-2003 02:45 PM


All times are GMT -5. The time now is 09:50 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration