2

I read documentation on the internet on how to create a new user with SSH access. I figured it out and to create a user is quite simple.

The next step I want to take is to jail this ssh server to the /home/ directory on my machine. It needs the permission to write/create folder/files in directories of other users (CMS system).

How can I implement this?

Improve this question
4
  • That "write/create folder/files in directories of other users" is the opposite of a jail. It needs extra permissions, not fewer. Commented Apr 10, 2014 at 20:48
  • setfacl to the user. Commented Apr 10, 2014 at 21:38
  • You also need to allow access to things like /etc for dns, username lookups, etc. Then /dev, /bin, /usr/bin, /lib64, etc. By the time you've added all the directories needed for normal operation, there's pretty much nothing left outside the jail. About the only thing I can think of is some stuff in /var. What is it you're hoping to prevent access to? Commented Apr 11, 2014 at 1:33
  • try jailkit olivier.sessink.nl/jailkit Commented Apr 11, 2014 at 5:16

1 Answer 1

Reset to default
0

You can achieve it using the below command. Assuming the new user created is user1, you can give the below command to give access to this user access to the home directories of the other users. 

setfacl  -R -m user:user1:rwx /home/

However, it is strongly not recommended.

You can find this answer for my question here. We have implemented a similar setup in one of our labs but we do not have given the write permission to the users. If at any time you feel to revoke the file access to this user, you can use the below command. 

setfacl -R -x user:user1:  /home/
Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.