[CentOS] how to control sftp's user file folder

Dominik Zyla gavroche at gavroche.pl
Thu Mar 10 17:25:55 UTC 2011

On Mon, Feb 28, 2011 at 05:53:34PM +0200, Eero Volotinen wrote:
> 2011/2/28 Yang Yang <dapiyang at gmail.com>:
> > hi,i have a question want to ask
> >
> > if i add a user like:
> >
> > useradd test
> > groupadd test -g www
> >
> > and how to control user test only can see and write only folder(like
> > /home/htdocs/test,he can not see /home/htdocs or other folder)
> for example using chrooted scponly or tweaking filesystem acls and
> selinux settings.
> scponly chrooted is the easiest way.

I agree. Using scponly and some mount-binds would do the trick. The best
way to do this, is to set scponly directory somewhere outside the
/home/htdocs, and mount-bind only those directories from /home/htdocs, that
that user can write to.

Dominik Zyla

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20110310/c6f7966f/attachment.sig>

More information about the CentOS mailing list