1

My company has a web designer that's going to upload files to /var/www/html and edit them. I created an account and will give them ssh access.

I added them to the apache group, but they can't access /var/www/html. Currently this is the set up of /var/www/html:

drwxr--r--  5 apache    apache 4096 11月  4 17:56 html

What would give them access to this directory but keep Apache limited? I can change it with chmod 664 apache:apache -R but what other suggestions do you have?

Tensigh
  • 341
  • 2
  • 4
  • 14
  • `/var/www/html` is a directory so needs to be both read (`r`) and executable (`x`) by anyone who needs access to it. so 775 or 770 would be the right perms to allow owner and group `rwx`. – cas Nov 04 '15 at 10:12
  • sorry my ignorance @cas : ) why a directory must be executable in order to be allowed to be accessed? – lese Nov 04 '15 at 10:20

1 Answers1

3

The usual way of addressing this is to put the ftp/sftp users in a chroot, so that they can see only the directory tree which included. The feature is described in several places.

To start:

Community
  • 1
Thomas Dickey
  • 75,040
  • 9
  • 171
  • 268
  • Cool, thanks. That's just what I was looking for. – Tensigh Nov 05 '15 at 02:16
  • Okay, I've created a chroot for them. But I can't get them to access the /var/www/html folder. I did `mount --bind /var/tmp/chroot/var/www/html /var/www/html` but now /var/www/html appears as empty. – Tensigh Nov 16 '15 at 06:10