Alessandro Dotti Contra's personal website

• home
• blog
• alex
• techies
• floss
• ict
• scrivere
• miscellanea

System administration

• tuning
• virtualization
• filesystems
• raid
• userland
• sysadmin miscellanea

Networking

• dns
• httpd
• smtp
• ldap

Security

• hardening
• securing services
• firewalls
• tls
• encryption

Development

• programming tools
• languages
• frameworks
• webdesign
• dummy code

DBMS

• databases design
• dbms administration

How to create a user jail

Each user can manage the files in his home directory and in a shared area. He can't access any other portion of the filesystem.

Set the shell of every user to scponly

Create the shared area and set the correct permissions

# mkdir /var/share
# chown root.users /var/share
# chmod 0770 /var/share

Create a mount point for the shared area in each home directory

# mkdir /home/$user/share

Mount the shared area

# mount --bind /var/share /home/$user/share