l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2008 May 28 12:37

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox-tech] Limiting FTP User access to certain subdirectories
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox-tech] Limiting FTP User access to certain subdirectories

Here's what I'm trying to do. Maybe I'm shooting for the moon here, but it can't hurt to try.

I have several sites on my host, and several users who need access to subdirectories within those sites. For example:


We have educational designers who need to be able to get into the COURSES directories of SITE_ONE and SITE_TWO, but not in any other subdirectory, or any subdirectory above the COURSES subdirectories. In an ideal world, my educational designers would only have to worry about one login, rather than having to have a second login for each site.

I created a subdirectory under V_HOST called "designers". Under "designers" I created one subdirectory for each designer. Then in each of those subdirectories I created a symbolic link to the various COURSES subdirectories. For example:


This didn't work until I gave the user account for each designers the same UID as the user that owns the entire site. I thought it was a great solution until I discovered that the education designers, once they followed the symbolic links to the COURSES subdirectories, could then browse to higher level directories in their FTP client. I trust the designers not to make any willful changes to the code elsewhere, but accidents can happen. Plus we're talking about allowing people outside our office having access to the courses subdirectories.

I tried creating a new user account and switching ownership of the courses subdirectories to that user, then setting the UID of one of my designers accounts to the same UID as the new user, but I got a "permission denied" error when I attempted to follow the symbolic link to the courses subdirectory.

The host has SELinux enabled, and, unfortunately, I don't have the option of disabling it.

Does anyone have any suggestions for how to go about doing what I want to do? Am I living in a dreamworld here?

Richard S. Crawford (rscrawford@mossroot.com)
Publisher and Editor in Chief, Daikaijuzine (http://www.daikaijuzine.com)
vox-tech mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.