[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Jailkit-users] Jail SCPonlyc user into public_html
|
From: |
Brahmanathaswami |
|
Subject: |
[Jailkit-users] Jail SCPonlyc user into public_html |
|
Date: |
Wed, 06 Feb 2013 07:48:18 -1000 |
|
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130107 Thunderbird/17.0.2 |
Overview:
I need to allow web design geeks who do CSS, JS, HTML5 access to files
in the DOCROOT directly for a virtual server (our staging server) I
need to allow SFTP only, SCPonly (no ssh) and read and write privileges
to the "public_html" directory, but they must not be able to see up the
directory tree or read files up the tree.
Platform details:
1) CentoOS6.2 set up as web server.
2) all web domain content lives on device 2 (separate hard drive) mapped to
/home
3) each virtual domain has it's own directory for content and the name
of the admin/owner/user
i.e. directory layout looks like this (pretty standard)
/home/devstaging/public_html
/home/domain1/public_html
/home/domain2/public_html
etc.
layout for a given virtual server looks like. e.g.
/home/devstaging/
/etc
/homes
/logs
/public_html
Where httpd.conf on the machine maps the DOCROOT for each domain: e.g.
dev.staging.com
/home/devstaging/public_html
So I need to allow web designer "Rajan" access to
/home/devstaging/public_html
but he should be able to see anything in /home/devstaging/etc
or any thing else "higher" on the box (obviously)
all files in /home/devstaging/public_html are set to owner:group
devstaging:devstaging
And permissions are pretty standard for public facing web
folders-directories 755, php content framesworks are typically 644 (rw-
--r --r)
Can Jail kit help me out here?
Brahmanathaswami
Web coordinator
www.himalayanacademy.com
- [Jailkit-users] Jail SCPonlyc user into public_html,
Brahmanathaswami <=