How to differentiate user rights on a linux server?

P

Peter2015-03-09 14:45:37

linux

Peter, 2015-03-09 14:45:37

There are users on the server. Each user has their own home directory:

/home/user1
/home/user2
/home/user3

How to prevent users from leaving their home directory, reading other users' files, accessing their directory, etc. via FTP and SSH?
Which way to look?

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

V

Vlad Zhivotnev, 2015-03-09
@SeNaP

Something like this:

mkuser () {
mkdir -p ${user_homedir}
useradd -d ${user_homedir} -s /bin/bash ${user}
usermod -a -G secure ${user}
echo "User ${user} created"
user_set_login_type
random_password_for_user
chown root:root /home/${user}/
chmod 755 /home/${user}/
chown ${user}:secure ${user_homedir}
chmod 705 ${user_homedir}
mkdir -p ${user_homedir}/www
mkdir -p ${user_homedir}/mod-tmp
chown -R ${user}:${user} ${user_homedir}/*
chown -R ${user}:www-data ${user_homedir}/mod-tmp/
chmod -R 770 ${user_homedir}/mod-tmp/
chmod -R 755 ${user_homedir}/*
}
This will prevent users from reading files from other hamsters.
You can glue vsftpd with a chroot on top - https://debian.pro/72
https://debian.pro/24 - chroot into a hamster for
sftp read this - https://debian.pro/1237

S

Shetani, 2015-03-09
@Shetani

Have you tried setting permissions?
Permission Model

K

Kirill Saksin, 2015-03-09
@saksmt

# usermod -R /home/$USERNAME $USERNAME

S

Saboteur, 2015-03-09
@saboteur_kiev

All user rights in Linux are inherited from file permissions.
In your case, it's better to close ssh, and the rest is ruled by file and folder permissions and chroot.