On Mon, Feb 28, 2011 at 10:53 AM, Eero Volotinen eero.volotinen@iki.fi wrote:
2011/2/28 Yang Yang dapiyang@gmail.com:
hi,i have a question want to ask
if i add a user like:
useradd test groupadd test -g www
and how to control user test only can see and write only folder(like /home/htdocs/test,he can not see /home/htdocs or other folder)
for example using chrooted scponly or tweaking filesystem acls and selinux settings.
scponly chrooted is the easiest way.
No, sftp is actually supported, somewhat, in OpenSSH 5 for this to work well, which is not in CentOS 5, and integrating it to CentOS 5 is problematic. It's also awkward to maintain, the chroot cages require the relevant binaries nad libraries in each user's chroot cage. (I used to publish the software changes for this, years back under SunOS and RedHat 5.2, not RHEL 5.2).
Frankly, don't. Use ftps, which Dovecot supports directly, or WebDav over HTTPS, which Apache supports directly with mod_dav.