|Subject:||Re: [Jailkit-users] Jail SCPonlyc user into public_html|
|Date:||Thu, 07 Feb 2013 09:24:27 -1000|
|User-agent:||Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130107 Thunderbird/17.0.2|
Aloha, Olivier (we live in Hawaii)
Looks like a good option. Thanks! I will try it.
I just took a look at BlueFish... (I'm on Mac) very interesting. I can't open .lc files though (LiveCode)
oops... off topic (smile)
On 2/6/13 12:20 PM, Olivier Sessink wrote:
On 02/06/2013 06:48 PM, Brahmanathaswami wrote:Overview: I need to allow web design geeks who do CSS, JS, HTML5 access to files in the DOCROOT directly for a virtual server (our staging server) I need to allow SFTP only, SCPonly (no ssh) and read and write privileges to the "public_html" directory, but they must not be able to see up the directory tree or read files up the tree.if there should be no access at all to the other directories for the domain, a possible design for this is to create jails for each user (use hardlinks so the jails will not use any diskspace), e.g.: /srv/jails/user1 /srv/jails/user2 /srv/jails/user3 /srv/jails/user4 and mount the public_html directory in that jail mount -o bind /home/devstaging/public_html /srv/jails/user1/home/user1/ that way, user1 will see his own jail, with no other information around than the public_html data. Another solution: If you only want to isolate the domains from each other, you could create a jail in the existing domain directories: /home/domain1/ /home/domain2/ That means that you will get some extra directories there: /home/domain1/etc/ /home/domain1/bin/ /home/domain1/sbin/ etc.
|[Prev in Thread]||Current Thread||[Next in Thread]|