Link to home
Create AccountLog in
Avatar of randyphillips
randyphillipsFlag for United States of America

asked on

Ubuntu Webmin User Folder Limitation?

Using Webmin 1.530 in Ubuntu.
Is there a way to limit a new user to a specific folder on the Ubuntu server?
If I create a test user and set the folder to like /home/testuser they are able
to roam the whole server once they connect via sftp.
Avatar of Michael Warren
Michael Warren
Flag of United States of America image

Randyphillips,

You really need to use Usermin instead!  Have read of the following....

Even though it is possible to create a user with access to only his own email, home directory and password, Webmin is not always the best way to provide this kind of single-user web interface. A superior program is Usermin, which was developed by the same author and shares much of the Webmin code and user interface. It is designed to give each Unix user access to only those things that he would be able to access at the command line, such as his email, home directory files and GNUPG configuration. Usermin runs most of its code with the permissions of the logged-in user, so there is far less chance of a user doing things that he is not supposed to, or even gaining root access. See chapter 47 (Usermin Configuration) for more details on how you can manage Usermin from within Webmin.

Q: What is Usermin?

A: Usermin is a web-based tool for standard UNIX system users. Usermin provides web-based email, spam filter configuration, and optional access to advanced user account features like mail forwarding, vacation auto-responding, PostgreSQL? and MySQL? databases, and a powerful Java File Manager applet.

With Usermin, you can allow your users to maintain their own account, including changing passwords, managing files in their home directory, and more. The key to Usermin's power, however, lies in its limitations. With Usermin, one does not have to think about whether the user has too many privileges. A Usermin user has only the privileges of the logged in user, and cannot override those privileges in the same way as Webmin and Virtualmin can. If you trust a user enough to give them an email account, you can trust them enough to give them a Usermin account.


Usermin Information

This is the direction that you need to go!  Webmin is too powerful!

Hope this helps you.

Michael
ASKER CERTIFIED SOLUTION
Avatar of wesly_chen
wesly_chen
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of randyphillips

ASKER

I installed Usermin.
Guess I need to read up on that?  I can logon now but this is just a web server running Apache
and I need to setup users and want them to ONLY be able to FTP to their folder - nothing else.
There is no e-mail, etc., on this server.   Simple Apache with multiple domains that need specific
users logging into only their folder and nothing else for web data upload / mods.
Will check it out - ran out of time.
Thx
This is most likely the best solution after doing further research and even after installing ProFTPD in Webmin it appears this still needs to be done?  No simple GUI way to restrict users in Webmin.  Thanks!