LinuxQuestions.org
Old 10-29-2013, 06:48 AM   #1
verbindingsfout
LQ Newbie
 
Registered: Sep 2013
Posts: 4

Rep: Reputation: Disabled
Folder permissions specific user


Hello guys,

I have this project in which I make a webserver; I wanted to give users access to multiple www-root folders via a single user on FTP.

The folder layout looks like this:
(penguin, sitename(1/2).tld are made up, just as example)

(Bold is what the user sees via FTP when he is in the /home/penguin/ folder)
/home/penguin/sitename1.tld/{index.html, lolwat.flv}
/home/penguin/sitename2.tld/{index.php, aybabtu.flv}

The FTP server is proftpd and the penguin user has the DefaultRoot to /home/penguin/

How would I make the folders sitename1.tld and sitename2.tld visible, but the "penguin" user should not be able to mess with these folders, so he can only access the "sitename(1/2).tld" and put files there, delete them, etc. Would someone consider this a file/folder permissions problem or a groups problem? Or both.

I saw something about SELinux and proftpd FTP command limiting; I don't know where to start looking. Any advice is much appreciated.

Cheers guys, Verbin

EDIT:

tl;dr, how do I lock/freeze a folder but when in it you can do everything again.

Last edited by verbindingsfout; 10-29-2013 at 08:18 AM.
 
Old 10-30-2013, 01:32 AM   #2
Ygrex
Member
 
Registered: Nov 2004
Location: Russia (St.Petersburg)
Distribution: Debian
Posts: 666

Rep: Reputation: 68
I think binding directories is what you want
 
Old 10-30-2013, 01:45 AM   #3
SAbhi
Member
 
Registered: Aug 2009
Location: Bangaluru, India
Distribution: CentOS 6.5, SuSE SLED/ SLES 10.2 SP2 /11.2, Fedora 11/16
Posts: 665

Rep: Reputation: Disabled
I can't say I understood it!!

Quote:
how would I make the folders sitename1.tld and sitename2.tld visible
You want the read permission on it.

Quote:
the "penguin" user should not be able to mess with these folders, so he can only access the "sitename(1/2).tld" and put files there, delete them, etc.
This contradicts each other: you want the user to write the changes and at the same time you want him not to mess with!!!! Care to explain a bit more what that is??
 
Old 10-30-2013, 04:04 AM   #4
verbindingsfout
LQ Newbie
 
Registered: Sep 2013
Posts: 4

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by SAbhi
I can't say I understood it!!

You want the read permission on it.

This contradicts each other: you want the user to write the changes and at the same time you want him not to mess with!!!! Care to explain a bit more what that is??

Yeah, I'm sorry. It is as simple as: you should not be able to delete or modify the folder, but inside the folder you should be able to store files and folders, and also delete them inside the folder.

I got the idea to make /../penguin/sitename.tld a mountpoint made by root, so the user could not delete the mountpoint but can access the mountpoint to work in it.

But I found a workaround: with proftpd you can set rules for folders to disable FTP commands like DELE, RMD, SITE_RMDIR, which works for now. But this only works for FTP connections to which the rules are set; this project also describes the usage of SFTP, but I'm not sure that I can set SFTP rules.

The proftpd rules:
Code:
# here i set the sitename1.tld directory to disable DELETE commands
<Directory /home/penguin/sitename1.tld>
        <Limit DELE RMD SITE_RMDIR>
                DenyAll
        </Limit>
</Directory>
# here i enable them again inside the sitename1.tld directory
<Directory /home/penguin/sitename1.tld/*>
        <Limit DELE RMD SITE_RMDIR>
                AllowAll
        </Limit>
</Directory>
This works for now; I do have to add more other specific FTP commands to the limit section.

I looked into
Code:
chattr +i /path/to
and
Code:
chmod 1*** /path/to
which does not solve the problem.

I have completely read all man pages, chattr and chmod; I have not found a solution.. yet..
 
Old 10-30-2013, 04:24 AM   #5
SAbhi
Member
 
Registered: Aug 2009
Location: Bangaluru, India
Distribution: CentOS 6.5, SuSE SLED/ SLES 10.2 SP2 /11.2, Fedora 11/16
Posts: 665

Rep: Reputation: Disabled
Well, chattr +i /path/to/folder will not allow even root to delete or modify the folder! Did you want that?
 
Old 10-30-2013, 06:42 AM   #6
verbindingsfout
LQ Newbie
 
Registered: Sep 2013
Posts: 4

Original Poster
Rep: Reputation: Disabled
No
Code:
chattr +i
was not the solution. I start to get the point now: the directory is the parent of everything in it; if you have a directory with set permissions on a basic setup, the files you put in it will get the same rights (as example).

The directory has the upper hand on the files and other directories in it, so if I give write permissions on a directory you can write in it, but you can also delete the directory, because the directory simply is a "directing thing" pointing to a certain set of files/directories that just point out somewhere on the disk.

The idea was to chain the directory in place, like holding it tight by some root command/option, as where
Code:
chattr +i
did that; the problem then was that I could not write in it, simply because
Code:
chattr +i
as I read, was introduced to hold files in place when updates of root-privileged scripts occurred.

Because the /home/penguin/examplefolder is owned by penguin itself and the /home/penguin/examplefolder should not be deleted, renamed, chmod-ded, but should be written into and deleted out of by the penguin user, I made this thread. Guessing there is no simple root command that can do this, but a sort of different approach would be what Ygrex said:
Quote:
i think binding directories is what you want
Could solve this, since if you mount a folder to a new location as root, /undeletablefolders/example1.tld to /home/penguin/example1.tld, you should not be able to delete the folder since it is a mount point held by root but privileged by the user.
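
Added example (not written by any poster in this thread): a small model of the classic Unix mode-bit rules that decide whether the "penguin" user can remove or rename a site folder, write inside it, or chmod it, applied to four ownership layouts of /home/penguin and sitename1.tld. The uid/gid 1001 and the layouts are constructed for illustration; ACLs, chattr flags, mounts and SELinux are not modelled.

```python
import stat
from types import SimpleNamespace

def has_wx(d, uid, gids):
    """Write+search permission on directory d for (uid, gids), mode bits only."""
    if uid == 0:
        return True                       # root bypasses mode bits
    if d.st_uid == uid:
        bits = d.st_mode >> 6             # owner class
    elif d.st_gid in gids:
        bits = d.st_mode >> 3             # group class
    else:
        bits = d.st_mode                  # other class
    return bits & 0o3 == 0o3              # w (2) and x (1) both set

def can_remove_or_rename(parent, entry, uid, gids):
    """Deleting or renaming an entry is a write to its PARENT directory."""
    if not has_wx(parent, uid, gids):
        return False
    if parent.st_mode & stat.S_ISVTX and uid != 0:
        # Sticky parent: only the entry's owner or the parent's owner may do it.
        return uid in (entry.st_uid, parent.st_uid)
    return True

def can_chmod(entry, uid):
    return uid in (0, entry.st_uid)       # only the owner (or root) may chmod

def check(parent, entry, uid, gids):
    return (can_remove_or_rename(parent, entry, uid, gids),
            has_wx(entry, uid, gids),     # may create/delete files inside
            can_chmod(entry, uid))

def d(uid, gid, mode):                    # constructed stand-in for os.stat()
    return SimpleNamespace(st_uid=uid, st_gid=gid, st_mode=stat.S_IFDIR | mode)

PENGUIN, GIDS = 1001, {1001}              # constructed uid/gid for "penguin"

# Each result is (remove/rename the site folder, write inside it, chmod it).
# Arguments to check(): /home/penguin, then sitename1.tld.
AS_IN_THREAD = check(d(1001, 1001, 0o755), d(1001, 1001, 0o755), PENGUIN, GIDS)
STICKY_HOME = check(d(1001, 1001, 0o1755), d(1001, 1001, 0o755), PENGUIN, GIDS)
ROOT_HOME = check(d(0, 0, 0o755), d(1001, 1001, 0o755), PENGUIN, GIDS)
ROOT_BOTH = check(d(0, 0, 0o755), d(0, 1001, 0o2775), PENGUIN, GIDS)
```

The functions also accept real `os.stat()` results, so the same check can be run against an actual parent directory and site folder.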
 