Trying to give user access to the home directory

Hey Team,

I am running RedHat and SFTP, within that server I have user/SFTP accounts. I need give a few users full access to this directory only (The Home Dir not his home). he needs to move files and then deposit files at will.
But I don't want to give him full root access to the entire server.

Could I just create a Group? then assign that user and then the Home directory to that group?
Then in the future if I need to give more people access to the folder just create a user and then add them to that group?

Also any snytax on how to create this would be most helpful

Thanks
NetNinjaAsked:
Who is Participating?
 
modcon_jscottConnect With a Mentor Commented:
I would not give anyone outside of root access to the /home directory, this is not very secure.

A better solution would be to create another directory for the sftp user account and add the users to the group which owns this directory.  Then on your end you can create a cron that looks for changed files in this directory and do whatever you want with them.

These commands might help a bit:

mkdir /home/newuser
cd /home/newuser
umask 007 .
chown -R newuser:usergroup /home/newuser
chmod -R g+rwx /home/newuser

Once you have the directory set up, you can modify the SFTP config file to point this user to this new directory when they log in.
ProFTPd - http://gentoo-wiki.com/HOWTO_ProFTPD or
http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-ConfigFile.html


hope this helps....
0
 
http:// thevpn.guruCommented:
Could I just create a Group? then assign that user and then the Home directory to that group?
yes that would work..you would also need to chgrp the home dir
0
 
modcon_jscottCommented:
yes you can just create the group, but if you are going this far why not just give them root access anyway. This new user and all users who are part of this new group will be able to do what they please below /home

You could use sudo to control what commands this user can and cant run.

http://en.wikipedia.org/wiki/Sudo


Yes the group thing will work.  Unless you trust this user as much as you trust yourself, I would use a script based solution in conjunction with configuring your, hopefully jailed, FTP server.
0
 
NetNinjaAuthor Commented:
Thanks for your time.
0
All Courses

From novice to tech pro — start learning today.