-----------------------------------------
(3) Giving SFTP users read access to some other directory
As an interesting aside, let's say you (the sysadmin) have a common info/media/data directory you wish to share with your SFTP users without actually copying all that data over (or allowing it to be edited/deleted/corrupted). We can do this by mounting it read-only somewhere in their login directory. They're going to need a place to get to it:
Code:
$ sudo mkdir /home/johndoe/readonly
Now we mount our directory of choice (in this example, /home/sysadmin/junk/shared-data) as read-only in said folder:
Code:
$ sudo mount -r --bind /home/sysadmin/junk/shared-data /home/johndoe/readonly
It might help to add the above command to /etc/rc.local so that it happens automatically on startup. Anything added to rc.local will run as root at startup, so there is no need to indicate 'sudo'. In other words, you would add this command to /etc/rc.local as follows (before the 'exit 0' of course):
Code:
mount -r --bind /home/sysadmin/junk/shared-data /home/johndoe/readonly
Note: You cannot mount more than one folder/device/partition/netshare in a particular location. Doing so won't damage anything, but the mount point will only display the object mounted last in sequence.
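The protection in this section depends on the bind mount actually carrying the read-only flag, and some older versions of mount ignore that flag on a bind mount. The following check is an added example, not part of the original post: it reads the per-mount options from mountinfo and reports the state of the mount that is visible at a directory. The function names, the users janedoe and bobdoe, and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: confirm a bind mount is read-only by reading mountinfo.
# Function names and the sample data are constructed for illustration.

# bind_mount_state MOUNTPOINT [MOUNTINFO]
# Prints "ro", "rw" or "absent" for the mount visible at MOUNTPOINT.
# MOUNTINFO defaults to /proc/self/mountinfo; "-" reads standard input.
# Paths containing spaces appear escaped (\040) in mountinfo and are not
# handled here.
bind_mount_state() {
    awk -v mp="$1" '
        $5 == mp {
            # Field 5 is the mount point, field 6 the per-mount options.
            # A read-only bind mount shows "ro" here even when the
            # underlying filesystem itself is mounted rw.
            # Later lines overwrite earlier ones: when mounts are stacked
            # on one directory, the last one listed is the one users see.
            state = "rw"
            n = split($6, opts, ",")
            for (i = 1; i <= n; i++) if (opts[i] == "ro") state = "ro"
        }
        END { print (state == "" ? "absent" : state) }
    ' "${2:-/proc/self/mountinfo}"
}

# is_readonly MOUNTPOINT [MOUNTINFO]: exit status 0 only when state is "ro".
is_readonly() { [ "$(bind_mount_state "$@")" = "ro" ]; }

# Constructed mountinfo lines (not captured from a real system).
sample_mountinfo() {
    cat <<'EOF'
25 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
90 25 8:1 /home/sysadmin/junk/shared-data /home/johndoe/readonly ro,relatime shared:1 - ext4 /dev/sda1 rw
91 25 8:1 /home/sysadmin/junk/shared-data /home/janedoe/readonly rw,relatime shared:1 - ext4 /dev/sda1 rw
92 25 8:1 /home/sysadmin/junk/shared-data /home/bobdoe/readonly ro,relatime shared:1 - ext4 /dev/sda1 rw
93 92 8:1 /home/sysadmin/junk/other /home/bobdoe/readonly rw,relatime shared:1 - ext4 /dev/sda1 rw
EOF
}

for dir in /home/johndoe/readonly /home/janedoe/readonly \
           /home/bobdoe/readonly /home/nobody/readonly; do
    printf '%s: %s\n' "$dir" "$(sample_mountinfo | bind_mount_state "$dir" -)"
done
```

On a live system, call is_readonly /home/johndoe/readonly with no second argument after the mount command has run; a non-zero exit status means SFTP users can write to the shared data or the mount is missing.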
-----------------------------------------