Limit User access through FTP to a single directory on the main site

[gdpgdp]

Hi,

I have a situation where I need to give a user access to a single directory on the main site, so they can upload files to that directory, but not have access to anything outside that directory.

How do I set this up?

 

[Amin Taheri]

Plesk itself doesnt have that ability from what I understand, but you can do that if its setup as a sub domain.

 

[gdpgdp]

Don't mind if its not built in, but is there something I can do through SSH manualy?

Really need the facility to be able to restrict users to just one directory in the main site folder!

Thanks

 

[Amin Taheri]

http://kb.swsoft.com/en/415

Login to the server as 'root' user and create a system user (for example USER_NAME) with home directory you need, for example:

# /usr/sbin/useradd -d $HTTPD_VHOSTS_D/your_domain/some/location -s /bin/false -p 'USER_PASSWORD' USER_NAME

Note, include user password in quotes in case it contains any special symbols.

Add this user into 'psacln' group:

# /usr/sbin/usermod -G psacln USER_NAME

The user will be 'chroot'-ed to his home because 'psacln' group is listed in /etc/ftpchroot. Set read/write permissions for this user on his home directory, for example:

# chmod 755 $HTTPD_VHOSTS_D/your_domain/some/location
# chown USER_NAMEsacln $HTTPD_VHOSTS_D/your_domain/some/location

$HTTPD_VHOSTS_D - have to be replaced with the real path to the Plesk virtual hosts in the all examples above.

If you dont know it, you can get $HTTPD_VHOSTS_D from your psa.conf file.

cat `locate psa.conf` | grep -i HTTPD_VHOSTS_D | uniq | awk '{print $2}'

 

[gdpgdp]

Yes, I saw those instructions, and although I followed them to the letter, when it came to logging in through the FTP client, it failed.

I removed the user and tried a couple of times, but still no joy.

 

[Amin Taheri]

I just went through a two day stint to prove to swsoft that the instructions do not work. They did not believe me at first, but once I proved it they have ameneded the instructions and they should now work.

 

[gdpgdp]

Fantastic!

Thanks for your help on this one. Really annoying when you follow instructions and they still don't work

Appreciate you getting it sorted.

 

[thedevilman]

This has really helped me alot. Thank all of you for helping me out with this. I still don't know how i missed that article while searching until i found it here.

I have a bit of an obsticle still though if anyone could help out. I need to create multiple accounts all with access to a single directory. Basically i already did what was stated above for a single user but i still need to create additional users with read and write access to the same directory.

So i supopose it would probably come down to...
What would be the method for creating additional users, then changing their home directory to the one already created for the first user i already made... and then finally, giving them read/write access to the directory also?

Any help would be greatly appreciated. Thank you!

 

[thedevilman]

Is anyone able to help we out with this? It would be extremely appreciated.

 

[Amin Taheri]

The only way I know of is to do a group ownership change on the folder and put all users into the same group - but I dont think that will work becuase Plesk requires group to be itself on web folders.

So I think the reason you rae not getting any response is that no one knows how to do it in a good way so that it will work, and not that no one wants to help you

 

[thedevilman]

Thank you for the reply. I see your point. I really hope there is some way to work around this to find a solution, but for now i am not finding a way. Hopefully someone very clever out there will find a way.

Thank you again for your reply.