2

I read documentation on the internet on how to create a new user with SSH access. I figured it out and to create a user is quite simple.

The next step I want to take is to jail this ssh server to the /home/ directory on my machine. It needs the permission to write/create folder/files in directories of other users (CMS system).

How can I implement this?

Anthon
  • 78,313
  • 42
  • 165
  • 222
Freshtea
  • 121
  • 2
  • That "write/create folder/files in directories of other users" is the opposite of a jail. It needs extra permissions, not fewer. – Elliott Frisch Apr 10 '14 at 20:48
  • `setfacl` to the user. – Ramesh Apr 10 '14 at 21:38
  • You also need to allow access to things like `/etc` for dns, username lookups, etc. Then `/dev`, `/bin`, `/usr/bin`, `/lib64`, etc. By the time you've added all the directories needed for normal operation, there's pretty much nothing left outside the jail. About the only thing I can think of is *some* stuff in `/var`. What is it you're hoping to prevent access to? – phemmer Apr 11 '14 at 01:33
  • try jailkit http://olivier.sessink.nl/jailkit/ – Qasim Apr 11 '14 at 05:16

1 Answers1

0

You can achieve it using the below command. Assuming the new user created is user1, you can give the below command to give access to this user access to the home directories of the other users. 

setfacl  -R -m user:user1:rwx /home/

However, it is strongly not recommended.

You can find this answer for my question here. We have implemented a similar setup in one of our labs but we do not have given the write permission to the users. If at any time you feel to revoke the file access to this user, you can use the below command. 

setfacl -R -x user:user1:  /home/
Community
  • 1
Ramesh
  • 38,687
  • 43
  • 140
  • 215