[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

proftpd chroot with mount --bind /source_dir/ /dest_dir/

We don't have per domain accounts we have user accounts with access to
web files for various domains.

We're looking to chroot user's ftp sessions to their home directory. with
a "site" sub directory.

something like:

	/ 		== /home/people/user
	/sites  	== /home/sites/
	/sites/site_01	== /home/sites/site_01
	/sites/site_01	== /home/sites/site_02

chrooting breaks symbolic links

The (pretty good) faq at the proftpd site suggests using the

mount --bind /source_dir /dest_dir_01
mount --bind /source_dir /dest_dir_02

feature which is available in 2.4 and greater kernels.

I'm mildly concerned about how hundreds or thousands of these mounts will
effect stability.

I'm even more curious about implementation details from people that have
done this.

Everyone that has access to a site's files is in a group named after the

btw, despite not making  entries in fstab, the (3) mount --bind
commands I did survived a reboot, which is curious.

Reply to: