Software :: Limit Mount Points Of SSHFS To Just User's Home Directory
Apr 21, 2010
We recently had a serious loss of data because of SSHFS mounting. A user in our group mounted the entire home directory of our server (/home). This was so they could easily move between user folders to read/write data from other people involved in the same project. They then deleted several folders that were not in there home directory.
Now I know this is a bad idea and that there should be a dedicated "projects" folder where everyone collaborates and does their stuff. Such a folder/system exits but I can't make them use it. My question: Is there anyway to configure SSHFS such that the only thing the user's can mount is their home directory? Obviously this won't fix the problem since they can sym-link to other folders but I've got to start somewhere. Perhaps there's a better solution (one that doesn't involve me nagging users about proper form).
View 4 Replies
ADVERTISEMENT
Feb 1, 2011
I need to add another user besides the one set up during the installation procedure but I also need to limit all users to use only their own /home/user directory.
View 4 Replies
View Related
Jan 27, 2011
I have a requirement that seems to be unique in nature. I have multiple clients who are caged to their home directories. I would like to "share" a directory which exists above these chroots with all these caged users. I know this can be accomplished using mounts but my problem is, how can I mount a single directory to multiple mount points located in each users home dir? Can this be done in the fstab file?
View 9 Replies
View Related
Apr 23, 2010
I have a bash script that uses sshfs to remotely mount an SSH directory.
Where should i place this script so it mounts with route privileges?
One consideration is i use VPN so the directory needs to be mounted after openvpn is started.
View 3 Replies
View Related
Sep 2, 2010
I'd like to add a user to my server that will only have access to a mount point over sshfs. Is there any way I can provide them this access without actually giving them permission to open a terminal on my server? I tried /bin/false and /sbin/nologin already, but /bin/false didn't allow the mount point to be made and /sbin/nologin prevented a login completely (also stopped the mount point from working).
View 6 Replies
View Related
Apr 15, 2009
I've been looking for this feature for months and couldn't find a solution for this. Does anyone know how to create users and limit the user to a specified directory?
View 6 Replies
View Related
Jul 12, 2011
i have a linux server which users connect to with SSH. my users only upload and download content from their /home folder.
Basicly, I want them to be limited to see and use only their home folder.
I read that it might not be a good idea to do so, since they nead read premissions to run programs and scripts, but again: they are only downloadinguploading content to their home dir.
How can I do it?
View 2 Replies
View Related
Aug 29, 2011
Limit every user to his own home folder only.I have a web server running 10.04 LTS and as a newbie in the world of server administration, I'm in a bind.Right now, I have three users. Root, which obviously has access to everything, and two other users that each own a website.For these two users, their website is located in their respective home folder in an extra folder they each have Read, Write & Execute permissions on. This is the only folder they can write to. They cannot delete it, or change anything outside the folder.
So far so good, except that by default, they can also read any file in the system, meaning they can navigate to my other websites' folders and read, for instance, the database passwords from WordPress config files.This is obviously problematic.The users access their files and folders through SSH with FileZilla.
How can I prevent these users from reading sensitive data, i.e. how can I restrict their access to only their home folder?The users must continue to login through SSH with FileZilla (i.e. no FTP solutions)Apache must still be able to access the user's folders (i.e. cannot chmod to 750)Folder containing the command line tools (/bin/bash I think) will probably have to be symlinked in the user's home folder?
View 1 Replies
View Related
Aug 3, 2011
Im new to linux and would like help or to be taught. My question is how do i limit users to their own directory for an example User andrew /home/andrew cant acess root or usr
View 10 Replies
View Related
Jan 6, 2010
I have a secondary disk which holds a /home directory structure from a previous install of Linux. I installed a new version on a new primary drive and mounted this secondary drive as the new /home. Problem is, even though the users are the same names and I can access the home directories for the users, I cannot login directly to their home directories, as I get the following error: -
Code:
login as: [me]
[me]@[machine]'s password:
Last login: Wed Jan 6 18:34:33 2010 from [machine]
Could not chdir to home directory /home/[me]: Permission denied
[[me]@[machine] /]$
Now, since the usernames are correct and the users are in the passwd file with the correct home directory paths, could it be user ID's that are different or something else? It's not as though I cannot access the home directories for the users, simply that I cannot log directly into them from a login prompt.
View 14 Replies
View Related
Aug 26, 2010
I have Ubuntu Karmic. I chose to install with an encrypted home directory. Recently I got a warning that I only had 2GB of drive space left. This is mostly because of my videos. So I went and bought a new hard drive and partitioned it and made 1 ext4 partition and copied my videos all to the new hard drive. I added a line in my fstab to mount the new hard drive to ~/videos, but when I reboot the computer, there is a screen saying something like "error mounting /home/me/videos, press S to skip or something else to reboot". If I press S to skip, then when my system comes up there is a video directory but it's empty because my other hard drive didn't get mounted. I can run sudo mount /dev/sdb video/ and it will mount fine and I can see all my videos, so why can't fstab mount it? Does this have something to do with my encrypted home directory?
View 14 Replies
View Related
Jun 16, 2011
Do you think there is a way of accessing different user data from another account which I have set up.
Ie. user 1 = account has messed up
user 2 = account works fine
access user account 1 home directory from user 2 work space?
View 9 Replies
View Related
Feb 2, 2011
created a user but i forgot to change the home directory permission.so after user created when i go to the user and group mangement i cant see that permission filed related to the home permission directory.my purpose is to stop accessing other user to my home directory,how it can be possible??
View 4 Replies
View Related
Mar 8, 2010
I'm developing an application in which one user must run java software that I'm compiling as another user. I wanted to give user A permission to see the bin direcory of my workspace, which is in the home directory of user B. I was wondering how can this be done? I gave the bin direcotry full read/execute premissions, but since it's in my home directory user A can't navigate to it.
I know there are a few ways I could get around the problem but they arn't very elegant. I was wondering if there is a simple method for giving a user access to a specific directory without giving access to all the parent directories. I tried symbolic link but user A still can't access it, and a hard link to a directory isn't allowed in Linux. I don't feel like making a hard link to every single file in the bin directory, and I'm not sure that would work anyways, since every recompile overwrites them.
View 7 Replies
View Related
May 12, 2011
i have rhel 5.2 and i want to create user using useradd command without creating user home directory and not throwing any warning/error about not creating any home directory.i have tried useradd -u "$NEW_UID" -g <gid> -d "/home/$1" -M "$1"where $1 is user name and $NEW_UID is i am calculating.it throws error as useradd: cannot create directory /home/$1which i dont want to come , how to prevent this?
View 1 Replies
View Related
Mar 18, 2011
I am struggling with getting an sshfs mount mounted on system boot. I have a script that mounts the sshfs for "userA". When userA runs the script all is well - user A can access the remote filesystem, root user can't see it as expected. The basic command is: sshfs userA@remote host:/home/userA /home/userA/mountdir -p 21212 -o password_stdin < passwordfile. I can prepend the sshfs command in the script with su - userA -c and when I run this script logged in as root all is well, userA has access and all is well. If I then put this script in /etc/init.d and reference it properly in the rc. directories the mount doesn't happen. If I prepend the sshfs command with sudo, same thing. Logged in as root I can run the script and UserA has access. Run the script in /etc/init.d during startup and the mount doesn't happen. Echoing text to a log file shows that the script is being executed but no mount happens.
View 4 Replies
View Related
Jul 28, 2011
i'm new to linux and just installed Ubuntu and decided to play around with it. i just executed
Code: useradd test which supposedly creates a folder in the home directory '/home/test' but when i look in there i can't see it i also did a
Code: grep test /etc/passwd which returns: 'test:x:1001:1001::/home/test:/bin/sh' which i believe means it is meant to exist.
Addendum: I have also now noticed that when i log in and log back in i have the option to login as 'test' but it prompts me for a password which i did not set :s
View 5 Replies
View Related
Jul 30, 2011
i have VPS server and i installed Xserver on it and all ok i created new user for my client but i need to limit his access to the following
he can download and upload to his home file " browser by Firefox"
he can't install or use any application "just the one i installed it"
he can't see the file system or browser it !! if i can give him specific space on harddisk would be better
he can extract and compress files
he can't edit the settings ....
i have another sensitive folder and setting i don't want him to see it so how to limit his access?
View 8 Replies
View Related
Jan 16, 2011
iam learning to setup a NFS server with fedora14. I have gone through couple of materials for this topic. I have a doubt. Say if i have user1 till user5 on my NFS server with their home directory under the /home and the /home directory is shared. If user1 logs into a client machine then will he be able to see home folders for the other users or just his own home folder. Because in the /etc/exports file there was an option saying "subtree" and according to my understanding this means that the subdirectories under /home will also be shared. Does that mean all the users should be able to see all other users home directory and its contents but not read/write?? Correct me if iam wrong.
View 1 Replies
View Related
Feb 28, 2011
I was just exploring if i could create a normal user without a home directory. So i edited the file /etc/defaults/useradd and it now shows
[code]...
Why is this so? why isnt the change in useradd reflected here?
View 1 Replies
View Related
May 12, 2010
I have a VPS server with 512 MB memory. The php.ini is set so script memory limit = 16 MB. However, I have noticed in my top report, instances like the following:
Quote:
5484 coldclim 25 0 46476 32m 5920 R 0.0 6.4 0:00.93 php
The bold number of 6.4 is the % of sever memory this process is using. 6.4 % of 512 MB of memory is about 32 MB of memory, so it appears that this isn't being limited by php.ini. Am I correct? This leads to the next question: Is there some way to limit the amount of memory a single suphp process can use? (Basically, something like the setting in php.ini which limits suphp processes in the same way.)
View 2 Replies
View Related
Oct 17, 2010
have a Debian server which I use to hold my home directory for my user account. I used to use Windows 7 and connect to my /home/username directory via Samba which worked great. I could access all of my files as if they were sitting on my local PC, but they were actually sitting on my Debian server.
Now I have decided to give Ubuntu 10.10 a try (looks promising so far!).One thing I'm not sure how to do is to mount my home directory from my server! I am able to open an sftp connection to my server, but not able to access them natively as they were /home/username on my local machine.I'm assuming I need to mount my home directory somewhere in my fstab before it starts up, but which protocol should I use? I'm used to using windows networking, but am trying to get more into linux.Should I use NFS?
View 2 Replies
View Related
Sep 14, 2010
I've a user account in a remote machine. but it doesn't have a home directory in that machine.Is it possible to create a home directory without having root account details. If yes, how it can be done.
View 1 Replies
View Related
Sep 29, 2010
Ubuntu 10.04 64 bit
I ran following command to change username;
# usermod -c "Real name" -l new_username old_username
but forgot adding -m option to move the contents of the old home directory to the new home directory.
Therefore;
# ls /home
old_user_directory
how to fix it. /home is on partition /dev/sda3 NOT on root directory
View 7 Replies
View Related
Sep 29, 2010
Ubuntu 10.04 64 bit I ran following command to change username; # usermod -c "Real name" -l new_username old_username but forgot adding -m option to move the contents of the old home directory to the new home directory. Therefore; # ls /home old_user_directory
View 4 Replies
View Related
Jun 21, 2011
I must to give ssh connection to own customer. So I want to lock ssh user on own home directory. It is not necessery to reach other folders. I know that ftp user can lock on own folder but I don't know how to lock ssh user.
View 1 Replies
View Related
Mar 10, 2011
I am having problems setting up SFTP on a Red Hat server to clamp users down to their home directory. I have created the user, removed /bin/bash login shell and replaced with the below in the passwd file. The user can login by sftp but can browse around the server and download any files apart from other users file. Have also assigned the user over to the sftp user group.
Code:
SFTPUser:x:515:515::/home/SFTPUser:/usr/libexec/openssh/sftp-server
Added following section to file - /etc/ssh/sshd_config
Code:
Match Group sftp
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
View 7 Replies
View Related
Oct 22, 2010
Is there a way where i can chroot their user home directory, lets say the user login on linux box /home/user, what i wanted to do is to chroot /home/user where user won't be able to browse the filesystem which is /. Tnx
View 1 Replies
View Related
May 9, 2010
How do I change user's home directory, because right now everything saves into File System and it's almost full(I got windows and Ubuntu installed in the same partition), while the other 120Gb filesystem is unused..
View 9 Replies
View Related
Feb 21, 2011
I would like to ask how to addftp user in vsftpd with directory otherhan /home/ for example /var/www ?
View 1 Replies
View Related
