How to hide subdirectories within chrooted directory from users who don't have access

1

Apologies if this problem has been answered before / elsewhere. I've had a hunt around but am unable to find anything. If so please point me in the right direction.

I'm running a linux ftp server (UB10) with ssh and vsftp. I have a group of users who are chrooted to a directory (/files). Each user needs access to at least one subdirectory within - user 1 has access to /files/1, user 2 has access to /files/2, user 3 to /files/3.

I want to add a 4th user who has access to both /files/1 and /files/2 but is unable to see /files/3. I have the 4th user able to access only subdirectories 1 & 2, however, directory 3 is still visible.

Is there a way to not show /files/3 to user 4?

In actuality there are more than 4 users and more than 3 directories and each user needs access to a variety of combinations so simply moving the directory outside of the chroot and creating another group isn't the best solution.

Thanks,

Alex.

alex

Posted 2014-12-09T05:02:19.563

Reputation: 11

vsftp isn't an ssh or sftp server. How is ssh involved here? – Kenster – 2014-12-10T15:43:32.457

Answers

0

It appears that with vsftp, you could use a few options within the FTP server instead of relying on unix permissions and groups entirely to get what you'd like.

Within the VSFTP Config Manpage there is one option - user_config_dir - which should do what you need:

user_config_dir - This powerful option allows the override of any config option specified in the manual page, on a per-user basis. Usage is simple, and is best illustrated with an example. If you set user_config_dir to be /etc/vsftpd_user_conf and then log on as the user "chris", then vsftpd will apply the settings in the file /etc/vsftpd_user_conf/chris for the duration of the session.

Assuming you have a simple file setup, in combination with deny_file and hide_file options you should be able to set specific items in the directory as non-visible to that user. You'd create a config file per user in /etc/vsftpd_user_conf for example (if you set the directory to there), and set the options for that specific user.

Adam B

Posted 2014-12-09T05:02:19.563

Reputation: 131

Asked: 2014-12-09T05:02:19.563

Viewed: 850 times

Active: 2014-12-09T05:56:07.753