On 03/01/2011 11:53 PM, Nico Kadel-Garcia wrote: > On Mon, Feb 28, 2011 at 10:53 AM, Eero Volotinen<eero.volotinen@xxxxxx> wrote: >> 2011/2/28 Yang Yang<dapiyang@xxxxxxxxx>: >>> hi,i have a question want to ask >>> >>> if i add a user like: >>> >>> useradd test >>> groupadd test -g www >>> >>> and how to control user test only can see and write only folder(like >>> /home/htdocs/test,he can not see /home/htdocs or other folder) >> for example using chrooted scponly or tweaking filesystem acls and >> selinux settings. >> >> scponly chrooted is the easiest way. > No, sftp is actually supported, somewhat, in OpenSSH 5 for this to > work well, which is not in CentOS 5, and integrating it to CentOS 5 is > problematic. It's also awkward to maintain, the chroot cages require > the relevant binaries nad libraries in each user's chroot cage. (I > used to publish the software changes for this, years back under SunOS > and RedHat 5.2, not RHEL 5.2). > > Frankly, don't. Use ftps, which Dovecot supports directly, or WebDav > over HTTPS, which Apache supports directly with mod_dav. > _______________________________________________ > CentOS mailing list > CentOS@xxxxxxxxxx > http://lists.centos.org/mailman/listinfo/centos I've used rssh for controlling SFTP access. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos