Ask Ubuntu Asked by BalaB on January 19, 2021
We have 3 groups. testuser is part of sftponly and cbpp-uat. userdev is part of cbpp-uat and cbpp-ci.
testuser is unable to connect to SFTP server when he/she is in both sftponly and cbpp-uat.
But able to connect if he is in either one of the group.
bala@ip-10-0-10-xx:/$ ls -ld cbpp*
drwxr-xr-x 10 root root 4096 Apr 14 16:29 cbpp
drwxr-xr-x 11 root root 4096 Sep 2 07:56 cbpp-dev
drwxr-xr-x 11 root root 12288 Sep 17 02:59 cbpp-uat
bala@ip-10-0-10-xx:/$
Match Group sftponly
ChrootDirectory /cbpp
AllowTcpForwarding no
X11Forwarding no
ForceCommand internal-sftp -l VERBOSE -f LOCAL7
Match Group cbpp-uat
ChrootDirectory /cbpp-uat
AllowTcpForwarding no
X11Forwarding no
ForceCommand internal-sftp -l VERBOSE -f LOCAL7
Match User cbpp-ci
ChrootDirectory /cbpp-dev
AllowTcpForwarding no
X11Forwarding no
ForceCommand internal-sftp -l VERBOSE -f LOCAL7
My requirement is, when testuser logs on the SFTP server, he/she should be able browse then files under both /cbpp and /cbpp-uat. How can I make it possible ?
Your current setup seems wrong logically, the server wouldn't know which which config to use and can't be both.
You can play with the structure of the folders
/cbpp/cbpp-uat or reverse /cbpp-uat/cbpp/cbpp2 then bind mount /cbpp to /cbpp2/cbpp and /cbpp-uat to /cbpp2/cbpp-uat. Use /cbpp2 for group that need access to both.Answered by user.dz on January 19, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP