On Ubuntu 18.x I want to block a user in the /var/www/html directory.
I created a user this way:

    useradd ftpuser
    passwd ftpuser
    usermod -G www-data ftpuser
    usermod -d /var/www/html ftpuser
    chown ftpuser:www-data /var/www/html

Then in /etc/ssh/sshd_config:

    Subsystem sftp internal-sftp
    Match User ftpuser
        ChrootDirectory /var/www/html
        PasswordAuthentication yes
        X11Forwarding no
        AllowTcpForwarding no
        ForceCommand internal-sftp

Then:

    chown root /var/www/*
    chown root:root /var/www/html
    chown ftpuser:www-data /var/www/html*

I connect and I'm stuck in the html folder. But I cannot create and edit files. I want to assign full permissions to the ftpuser without the ability to level up from the html folder.
After giving the command from this answer:

    setfacl -m g:ftpuser:rwx /var/www/html

I cannot connect anymore.

    Error: Network error: Software caused connection abort
    Error: Unable to connect to the server

EDIT

    ls -la /var/www/html
    total 28
    drwxr-xr-x 4 ftpuser www-data  4096 Mar 9 14:54 .
    drwxr-xr-x 3 root    root      4096 Mar 9 14:31 ..
    -rw-rw-r-- 1 ftpuser ftpuser      0 Mar 9 14:54 aa
    drwx------ 2 ftpuser ftpuser   4096 Mar 9 14:52 .cache
    drwx------ 3 ftpuser ftpuser   4096 Mar 9 14:52 .gnupg
    -rw-r--r-- 1 root    root     10918 Mar 9 14:32 index.html

Could you run ls -la /var/www/html and [edit] your question to include the output? It would be useful to see the actual ownership & permissions on the html directory and any subdirectories that you want these users to be able to access. – Kenster – 2019-03-09T17:13:57.313

No one knows how to solve the problem? – giacomosilli – 2019-03-12T17:22:00.873
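
An added example, not part of the original question or its comments: sshd_config(5) requires every component of the ChrootDirectory pathname to be a root-owned directory that is not writable by any other user or group, and this check applies that rule to a path. The function names, the fake stat table and uid 1001 for ftpuser are assumptions made for the illustration; the sample trees are constructed.

```python
import os
import stat
from collections import namedtuple

# Minimal stand-in for os.stat_result, used only by the constructed samples.
FakeStat = namedtuple("FakeStat", "st_uid st_mode")

def chroot_path_problems(path, stat_fn=os.stat):
    """Return the reasons sshd would reject `path` as a ChrootDirectory.

    Rule from sshd_config(5): all components of the pathname must be
    root-owned directories not writable by any other user or group.
    """
    problems = []
    current = os.path.abspath(path)
    while True:
        st = stat_fn(current)
        if not stat.S_ISDIR(st.st_mode):
            problems.append(f"{current}: not a directory")
        if st.st_uid != 0:
            problems.append(f"{current}: owner uid {st.st_uid}, expected 0 (root)")
        # With a POSIX ACL present the group bits show the ACL mask, so a
        # named-group rwx entry added by setfacl also appears here as g+w.
        if st.st_mode & 0o022:
            problems.append(f"{current}: group/other writable "
                            f"(mode {stat.S_IMODE(st.st_mode):04o})")
        parent = os.path.dirname(current)
        if parent == current:  # reached "/"
            return problems
        current = parent

def make_fs(html_uid, html_mode):
    """Constructed sample tree: /var/www/html with the given owner and mode."""
    d = stat.S_IFDIR
    table = {"/": FakeStat(0, d | 0o755), "/var": FakeStat(0, d | 0o755),
             "/var/www": FakeStat(0, d | 0o755),
             "/var/www/html": FakeStat(html_uid, d | html_mode)}
    return table.__getitem__

if __name__ == "__main__":
    cases = {"owned by ftpuser (uid 1001 assumed), 0755": make_fs(1001, 0o755),
             "root-owned, 0775 after a group rwx ACL": make_fs(0, 0o775),
             "root-owned, 0755": make_fs(0, 0o755)}
    for label, fs in cases.items():
        print(label, "->", chroot_path_problems("/var/www/html", fs) or "OK")
```

Called with only a path, the function uses os.stat and checks the real directory tree.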