You could do it like this: Say you have /www/sites/<vhost>, make a subdir /files/html, and another for /html which is a symlink to files/html:
/www/sites/www.somedomain.com /www/sites/www.somedomain.com/files/html /www/sites/www.somedomain.com/html -> files/html Mount /www/sites/www.somedomain.com to /home/<chroot_user> Point document root for that domain/vhost to /www/sites/somedomain.com/html. Graceful restart apache. If you only want the chroot user to have access to a subdir inside of html, then just mount the subdir to their home folder On Wed, Jun 14, 2017 at 9:06 AM Markus Rosjat <[email protected]> wrote: > > > Am 14.06.2017 um 15:53 schrieb Markus Rosjat: > > > > > > Am 14.06.2017 um 13:42 schrieb Jiri B: > >> On Wed, Jun 14, 2017 at 01:09:47PM +0200, Solne Rapenne wrote: > >>> Je 2017-06-14 13:02, Bryan Harris skribis: > >>>> On Linux I have mounted another fs inside the user's home folder (it > is > >>>> mounted twice). I don't know if OpenBSD has that feature. > >>>> > >>> > >>> This is not possible on OpenBSD, mount will tell "device is busy". > >>> > >>> On linux you should use mount --bind to bind a folder on another > instead > >>> of mounting twice the mountpoint. FreeBSD has mount_nullfs to do > exactly > >>> the same thing as --bind, but OpenBSD doesn't have any of this. > >> > >> Do you build a shell server or you just want to give SFTP access > >> to users' web data? > >> > >> If the latter, why don't you just chroot them directly into their > >> user dir inside web root? Or, just define their home to be inside > >> web chroot... > >> > >> j. > >> > > > > like I stated bevor I know I can simply give them there webcontent > > folder as home and chroot this for sftp but then again how to handle the > > .ssh or other . folders and files? I read somthing about placing it > > outside the home dir and define the location over sshd_config but not > > sure if this is proper solution. > > > > > > okay I tried to set the chroot in the sshd_config to the www dir of the > user and it seems to work so far. Since this is a dev machine it's okay > for now. So there is still time to sort out the kinks > -- > Markus Rosjat fon: +49 351 8107223 <+49%20351%208107223> mail: > [email protected] > > G+H Webservice GbR Gorzolla, Herrmann > Königsbrücker Str. 70, 01099 Dresden > > http://www.ghweb.de > fon: +49 351 8107220 <+49%20351%208107220> fax: +49 351 8107227 > <+49%20351%208107227> > > Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before > you print it, think about your responsibility and commitment to the > ENVIRONMENT > > -- There's no place like 127.0.0.1
