How to give access only to a certain folder and nowhere else?

O

Obivankinobi2018-08-30 09:34:51

linux

Obivankinobi, 2018-08-30 09:34:51

Good day.
I don’t have much experience with servers, but now it became necessary to provide FTP access to a certain folder for editing and nowhere else.
Folder where to give access to /var/www/site_dev/assets.
I made a new user, in the sshd_config folder I registered
Match group newusernamegroup
ChrootDirectory /home/%u/
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
Register in ChrootDirectory /var/www/site_dev/assets. I can't, because many groups of users need write permissions to /var/www/.
There is an option to take files from /home/%u/ with cron every second and shuffle them into the end folder, but this is somehow not correct.
ubuntu server.
Thanks

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

E

Eugene Wolf, 2018-08-30
@Obivankinobi

Register in ChrootDirectory /var/www/site_dev/assets. I can't, because many groups of users need write permissions to /var/www/.

I do not quite understand how the rights of other users are connected with Chroot'om, in your case ... Well, that's not the point.

There is an option to take files from /home/%u/ with cron every second and shuffle them into the end folder, but this is somehow not correct.

Cron initially runs 1 time per minute (minimum) and is not well suited to doing something every second. In this case, it would be easier to write a script with an infinite loop and not croon at least 60 jobs (so that they run in a second). And if it’s more correct, use some kind of synchronization system for this, for example, Rsync .
You can also try mount --bind , I don't know if it will help in your case, but it's worth a try.

M

Mikhail Kupriyanov, 2018-08-30
@saybb

Good day.
Most likely this solution will help you .