Find the answer to your Linux question:
Results 1 to 4 of 4
I made an account on my webserver for my brother. The document root for my website is /var/www/html, and I made a folder within html called "~hisname" which is where ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Aug 2005
    Posts
    5

    Restricting user accounts


    I made an account on my webserver for my brother. The document root for my website is /var/www/html, and I made a folder within html called "~hisname" which is where I want him to put his website. When I created his user account, I made his home directory /var/www/html/~hisname, so when he logs in via FTP he's automatically in that directory. What I want to do is prevent him from changing to ANY OTHER DIRECTORY, unless it's one that he's made within ~hisname. So shouldn't be able to cd to any directory or ls in any directory but his own. Is there an easy way to do this? Or do I have to change the permissions on all of my directories or something like that?

  2. #2
    Linux Newbie
    Join Date
    Aug 2005
    Posts
    214
    I'm not sure which ftp server you are using, but vsftpd can be configured to force anyone who logs on ftp server to chroot to its home directory. In vsftpd.conf option named "chroot_local_user". User will not be able to change to the parent directory, and will be able to view/edit only subfolders of his/her home directory. I believe other ftp servers also should have such option, check out the one you use.

  3. #3
    Just Joined!
    Join Date
    Aug 2005
    Posts
    5
    wow, that's exactly what i wanted. he can still cd /, but when you ls he can only see the contents of his home directory. now, how can i prevent him from logging in via ssh?

  4. #4
    Linux Newbie
    Join Date
    Aug 2005
    Posts
    214
    Edit user account settings and change login shell from "/bin/bash" to "/bin/false". This will restrict using shell at all, whether via ssh or telnet. First make sure that "/bin/false" file exists.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •