I am building an SFTP server where I have to give users access to individual dirs on different drives.
I can't use symlinks because that allows them access to everything and cause navigation confusion.
I cant use cp -r because it takes too long and uses too much space.
I cant use cp -al because it won't link across the different devices. It works great if there is only one device though.
Currently I am using "mount –bind" to mount the dirs from the different drives to the user's homedir on the ftp. I made a script that removes old mounts that are no longer required and reinstates mounts after a reboot, without involving fstab.
It seems like a sloppy solution though, and eventually I will have hundreds if not thousands of mounts. Is there a better way to do it or is this acceptable? I Is there is a limit to the number of mount –bind you can have running at once?
Best Answer
How about using ACLs (Access Control Lists) in this case? All the modern filesystems do support ACLs and with them you can grant access to individual directories/files more granularly than with traditional Unix permissions.
For starters, try
man setfacl. It has several examples listed.