Hi All,

I have one local account created in my syslog server. My requirement is to allow user to login to system and access only his home directory and /var/log/syslog-ng/ directory. Except that he should not browse any other directories. Please suggest how this can be achieved.

Note: I do not want to use Jail and ACL here.

OS: redhat enterprise Linux 5.3 (64 bit).

Thank You
Gajanan Hegde

Why not use jail?
You need to provide more information:
1. What access do you want the user to have, really? You mention browse, are you talking sftp, ftp, http, or other access?
2. Does this user get a shell? (there are some nice sftp-only setups that jail a user without a true chroot jail)
3. Why the restriction re: not using ACL or jail? If we do not understand your restrictions, suggestions we make may not be appropriate.


My first approximate, lacking better information about your objective, would be to assume sftp only and point you at the recent ssh pages about how to accomplish this using the ssh conf files only. Then add the bind mount option to make that log folder appear to be RO mounted under the users home.

Use a restricted shell (like with sftp). If you still want to use normal SSH access, then I would still opt for using file ACLs (as it is unclear why you prefer not to use it).