38

I have a user who is chrooted to her home directory, but I want her to also be able to manage files within /var/www. As such, I did the following:

```
root@server:/home/username# ln -s /var/www www
root@server:/home/username# cd www
root@server:/home/username/www# chown username:username *
```

However, when I try to open /www with FileZilla it returns "no such file or directory". I can see the linked directory, but I can't access it. What am I doing wrong?

Gilles 'SO- stop being evil'
Doc

1 Answer

67

Symlinks are essentially just pointers to another file; you can't point to something outside the chroot because it is looking for a file with that name (`/var/www`, which doesn't exist inside the chroot). Hardlinks, on the other hand, are pointers to the inode. As such, if you want to do that, you need to use a hard link by omitting `-s`. However, you cannot hard link a directory (other than `.` and `..`) in Linux for a variety of reasons (the main one being that those filesystems are a DAG).

Perhaps the best way would be to use a bind mount. Try this:

```
mount --bind /var/www /home/username/www
```
Chris Down
  • `ln: '/var/www': hard link not allowed for directory` – Doc Nov 14 '12 at 15:53
  • 7
    @Doc - Directories cannot be hard linked in Linux. A bind mount should work. – Chris Down Nov 14 '12 at 16:03
  • 1
    Can I add this to fstab to make it persistent? – Kornel Aug 31 '17 at 14:43
  • Could you recurse through directories and replicate the tree with hard links? E.g. if the parent has `/foo/a.txt` and `/foo/bar/b.txt` then you could do `mkdir -p ./chroot/foo/; mkdir -p ./chroot/foo/bar; ln /foo/a.txt ./chroot/foo/a.txt; ln /foo/bar/b.txt ./chroot/foo/bar/b.txt`? Or would that still not work for some reason? (Obviously this is something you'd write a script to do, instead of doing by hand). – shadowtalker Nov 02 '17 at 20:39
  • @ssdecontrol Yes, you can do this with `cp -rl` (or `cp --reflink` for a reflink on a COW filesystem). The problem is that when the hierarchy changes in the parent, it's no longer propagated to the child this way, which is why bind mounts are typically used instead. – Chris Down Nov 04 '17 at 00:16
  • 3
    I've mounted the folder successfully, but the chrooted user can't see existing files inside the mounted folder. How can I fix this? – AdvanTiSS Nov 29 '17 at 12:51
  • 1
    @Kornel you can use the `none` mode along with `bind` option: https://serverfault.com/questions/613179/how-do-i-do-mount-bind-in-etc-fstab – Yvan Feb 08 '18 at 16:48
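
Why the symlink in the question fails, as an added example that is not part of the original answer or comments: a Python model of how a path is resolved for a chrooted process, plus an audit that lists symlinks a jailed user cannot follow. The function names and the sample tree (with `site` standing in for a directory made available inside the jail, as a bind mount would) are assumptions constructed for illustration.

```python
import os
import tempfile

def resolve_in_chroot(root, path, max_links=40):
    """Host path that `path` reaches for a process chrooted to `root`, or None."""
    root = os.path.realpath(root)
    pending = [p for p in path.split("/") if p]  # components still to walk
    current, links = [], 0                       # resolved components below root
    while pending:
        part = pending.pop(0)
        if part == ".":
            continue
        if part == "..":
            if current:
                current.pop()  # ".." at the chroot root stays at the root
            continue
        host = os.path.join(root, *current, part)
        if os.path.islink(host):
            links += 1
            if links > max_links:
                return None  # symlink loop
            target = os.readlink(host)
            if target.startswith("/"):
                current = []  # absolute target restarts at the chroot root, not host /
            pending = [p for p in target.split("/") if p] + pending
        elif os.path.lexists(host):
            current.append(part)
        else:
            return None  # "no such file or directory" inside the chroot
    return os.path.join(root, *current)

def dangling_symlinks(root):
    """Symlinks under `root` that a chrooted process cannot follow."""
    root, broken = os.path.realpath(root), []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            host = os.path.join(dirpath, name)
            inside = "/" + os.path.relpath(host, root)
            if os.path.islink(host) and resolve_in_chroot(root, inside) is None:
                broken.append(inside)
    return sorted(broken)

def demo():
    """Constructed tree: the question's symlink plus a stand-in for a bind mount."""
    jail = os.path.join(tempfile.mkdtemp(), "home", "username")
    os.makedirs(os.path.join(jail, "site"))  # stand-in for a bind-mount target
    os.symlink("/var/www", os.path.join(jail, "www"))  # the question's ln -s
    os.symlink("/site", os.path.join(jail, "ok"))  # absolute link valid in the jail
    return jail, dangling_symlinks(jail)
```

Running `dangling_symlinks()` against a real jail directory before handing it to a user shows which links will appear in a directory listing but fail on access, which is the symptom FileZilla reported.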