ioFTPD General New releases, comments, questions regarding the latest version of ioFTPD.

Old 02-07-2014, 12:44 AM   #1
Yil
ioFTPD Administrator
 

There isn't a trivial switch you can flip to lock a user to their home directory. I've thought about such a feature for a while, but never got around to it.

You can, however, do something like this: give all users who are supposed to be locked into just their home directory a user flag like J for jailed or something. Mark all the top-level dirs (besides /GUESTS!) as private with perms like "!J *" so everybody but people with the J flag should be able to see/use it. Assuming guests shouldn't be able to see other guests' dirs, you can mark them as hidden to all but them as well with something like "1 -<username> !*". The 1 means regular SiteOps can see the dir. V flagged VfsAdmins and Master accounts will always see the dir no matter what.

If you do that a guest user with the J flag should only see /GUESTS from the root, and under /GUESTS only their own home directory. I think that's what you want. The only tricky part is to remember after you create each new jailed user to mark their home directory as hidden to all but them. I'd just make a macro in your FTP client to do this for you. In FlashFXP for instance you can ask for a username then create that dir, hide it, and then create the user, change the home dir, etc.

I'd also suggest you create a new group like Guests and put all the guest users into it. If you do this you wouldn't technically even need the J user flag since you could just test for group membership in Guests via =Guests or !=Guests instead of J and !J. The benefit of the group is you can use site gadduser Guests in your macro to add guests right into the Guests group which could have custom user defaults. Check out site help gadduser and site help /Defaults but I believe it's /Default=<groupname>. The site groups command can show you which groups have been customized to not use the regular /Default.User template. Use 'site uinfo /Default.User' or /Default=<groupname> to see the defaults.

The one thing I can't prove without testing is what happens with relative symlinks. Only VfsAdmins can create them but if you use something like "../../foo" that may or may not allow you to link to a dir not under your home dir. The idea here was you could expose selective parts of your server to a user in a custom home directory. This was in preparation for the jailed user feature instead of this workaround I just described, but I just don't remember how it works or if it handles everything properly. I know it doesn't stand a chance of working unless the keep_symlinks or whatever option is enabled, but I only mention it in case it's really useful for you. There is a workaround that uses NTFS junctions / hard links but requires certain other settings be changed from their default and I don't really suggest using junctions this way unless you know what you are doing.
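To check a permission layout like the one described in the post above before handing out guest logins, here is an added example (not part of the original post and not ioFTPD code) that models the two rule strings in Python. It assumes rules are read left to right with the first matching token deciding and no match meaning deny; the directory names, user names and the "M" flag for Master accounts are also assumptions.

```python
from dataclasses import dataclass

BYPASS_FLAGS = {"V", "M"}  # V = VfsAdmin (from the post); "M" for Master is assumed

@dataclass
class User:
    name: str
    flags: str = ""
    groups: tuple = ()

def token_matches(token: str, user: User) -> bool:
    if token == "*":                      # everybody
        return True
    if token.startswith("-"):             # -username
        return token[1:] == user.name
    if token.startswith("="):             # =groupname
        return token[1:] in user.groups
    return any(flag in user.flags for flag in token)  # flag characters

def allowed(rule: str, user: User) -> bool:
    """Assumed semantics: left to right, first matching token decides, no match = deny."""
    if BYPASS_FLAGS & set(user.flags):
        return True
    for token in rule.split():
        deny = token.startswith("!")
        if token_matches(token[1:] if deny else token, user):
            return not deny
    return False

def visible_dirs(tree: dict, user: User) -> list:
    """A dir is visible only if it and every listed ancestor admit the user."""
    result = []
    for path in sorted(tree):
        parts = path.strip("/").split("/")
        chain = ["/" + "/".join(parts[:i]) for i in range(1, len(parts) + 1)]
        if all(allowed(tree[p], user) for p in chain if p in tree):
            result.append(path)
    return result

# Constructed layout using the two rule strings suggested in the post.
TREE = {"/MP3": "!J *", "/ISO": "!J *", "/GUESTS": "*",
        "/GUESTS/alice": "1 -alice !*", "/GUESTS/bob": "1 -bob !*"}
ALICE = User("alice", flags="J", groups=("Guests",))   # jailed guest
CAROL = User("carol")                                  # regular user
DAVE = User("dave", flags="1")                         # SiteOp

if __name__ == "__main__":
    for u in (ALICE, CAROL, DAVE):
        print(u.name, visible_dirs(TREE, u))
```

Adding a new guest home to `TREE` with an open rule such as `"*"` shows the failure mode the post warns about: every other jailed guest can see it until the hide rule is applied.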
Old 02-07-2014, 07:46 AM   #2
mantonio1965

Hello Yil and thanks for the reply.

In fact I used to create the users using gadduser and put them in GUEST group. However, when I use the user's login to check what it can see, I am able to walk all the way up to site root and see all the folders on site. I am not very familiar with ownership and making things visible/accessible to specific groups/users only. All the 1st level directories /* are owned by ioftpd/ioftpd. The /GUESTS folder's ownership was set to ioftpd/GUEST as I thought that means the admin user owns this folder and all GUEST group members only may access it.

In fact it is what you mentioned that I want to achieve. If a GUEST user logs in, it must not see any other folders than /GUESTS and within /GUESTS only its own folder.

I have to play around with what you mentioned to see if I can get it and make this work for me. Guess I have to come back and ask a little more.
Tags
directory, home, homedirectory, lock, user



All times are GMT -5. The time now is 09:55 PM.
