Extra ftp

vps

#1

I need to give ftp access to my client but to a specific folder, as I can do? greetings and thanks for the help


#2

Hi!

I noticed you had a LiveChat session about this, but just to reiterate:

http://wiki.dreamhost.com/Sharing_Domain_Files_with_Multiple_Users

It’s good you’re on a VPS, as this cannot be done on shared. I’d recommend making the new user and moving the necessary site/folder to that user, and just share that user info with whomever necessary (the new user won’t have access to your other sites/folders unless you move them too). :slight_smile:


#3

the simplest way to do this is:

1> make a user with /bin/false as their user shell and the directory you want to allow access to as their home directory

useradd -d /path/to/the/directory/you/want/to/use -s /bin/false -g nogroup --no-user-group newftpusername

2> set a password and give it out to the people you want to allow access to


you could also have multiple different accounts all with read/write access to the same directory by making multiple users with the same group and the directory be group writeable

groupadd ftpgroup

mkdir /home/ftpdir

chown nobody /home/ftpdir

chgrp ftpgroup /home/ftpdir

chmod 775 /home/ftpdir

chmod g+s /home/ftpdir

chmod +t /home/ftpdir

useradd -d /home/ftpdir -g ftpgroup -N -s /bin/false user1

useradd -d /home/ftpdir -g ftpgroup -N -s /bin/false user2

etc…

then all users can have different passwords but upload to the same directory, also each user won’t be able to delete the other’s files (that’s what the chmod +t does)

this is better because you can see who’s uploaded what, so there’s some measure of accountability.

best of luck!


if it’s for someone you trust, that should work fine, but if you don’t trust all the users, note that this type of user will have access to changing directory to / and therefore will be able to read almost all your system configuration files, etc. if you don’t trust the users, make a public ftp server with a chrooted path and a public incoming directory, which should generally be world writeable and unreadable. you need to move stuff you accept to the server to a downloadable directory yourself or by an automated script (google on how to do this, zillions of guides out there). then again, remember public ftp servers with incoming directories have historically ended up getting used as warez sites a lot.