The answer , or my suggestion, is in two parts.
First you can not easily restrict a user to a single directory, such as his or her home directory, easily. They need access to many system files and applications, /bin/bash , ssh, scp, ftp, etc, etc, depending on what you are wanting them to do exactly.
The easiest way to do something like this would be a chroot
You can chroot single applications, such as ssh or apache.
You probably do not want a chroot, but perhaps you may. The point is you need to allow access to various system files in some way, either in a chroot or allowing access to system files.
Normally this is done with linux permissions. Say you want to deny access to /media/some_directory, you would set the ownership and permissions on the directory to restrict access.
For example, on your home directory,
If you need more then linux permissions, then at least on Ubuntu you will need either a chroot or apparmor.
Part 2 - Apparmor
What you would do is make a link to /bin/bash , I call it "jailbash"
You then change the users log in shell from bash to jailbash
sudo ln /bin/bash /usr/local/jailbash
Now write an apparmor profile for jailbash:
Here is an example :
That profile may be more or less restrictive then you want, you will need to adapt it to your needs.
It depends, is this ssh ? ftp ? shell access ? are you going to allow running X ? etc, etc, etc. You have not provided much in the way of details of what you are doing exactly, so hard to give you more specific advice. Perhaps all you need is standard permissions + encryption, or perhaps you need to install ssh + keys + forced commands, or a chroot, or vsftp, hard to know.