Re: how to control sftp's user file folder

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Mon, Feb 28, 2011 at 10:53 AM, Eero Volotinen <eero.volotinen@xxxxxx> wrote:
> 2011/2/28 Yang Yang <dapiyang@xxxxxxxxx>:
>> hi,i have a question want to ask
>>
>> if i add a user like:
>>
>> useradd test
>> groupadd test -g www
>>
>> and how to control user test only can see and write only folder(like
>> /home/htdocs/test,he can not see /home/htdocs or other folder)
>
> for example using chrooted scponly or tweaking filesystem acls and
> selinux settings.
>
> scponly chrooted is the easiest way.

No, sftp is actually supported, somewhat, in OpenSSH 5 for this to
work well, which is not in CentOS 5, and integrating it to CentOS 5 is
problematic. It's also awkward to maintain, the chroot cages require
the relevant binaries nad libraries in each user's chroot cage. (I
used to publish the software changes for this, years back under SunOS
and RedHat 5.2, not RHEL 5.2).

Frankly, don't. Use ftps, which Dovecot supports directly, or WebDav
over HTTPS, which Apache supports directly with mod_dav.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux