0

My apache root /var/www/html/ contains the following folders.

  1. myapp
  2. test
  3. testapp

I want to create a new user to access only the testapp folder (read/write). Other folders shouldn't be readable.

I created a new user in the group www-data (as www-data is the owner of /var/www/html/) and I'm able to log in via ssh as well. Now the problem is that the new user has access to all 3 folders above. I need to restrict the user to have access only to the testapp folder. (Other folders shouldn't be readable by the new user.)

Some people suggested using chroot, but it is unclear to me. Is there any way to restrict the www-data user to only a specific folder?

4
  • 1
    Just to mention it: The websites should be children of www, not of html; html is just the default website! Commented Jun 18, 2016 at 6:22
  • @Info-Screen that's fine. But that's not the issue here
    – Linga
    Commented Jun 18, 2016 at 6:26
  • 1
    Can't you just change the group of testapp and then add the new user to that group? Commented Jun 18, 2016 at 6:43
  • Can you run the following in the terminal and add the output to the question: ls -l /var/www/html
    – chesedo
    Commented Jun 18, 2016 at 7:37

1 Answer

0

Let's call your new user testapp:

You have to remove read access for "other" of all files and folders. Issue the following commands:

  1. chmod -R o-r /
  2. chown -R :testapp /var/www/html/testapp
  3. chmod -R g+rwx /var/www/html/testapp

Remove your new user from the www-data group, but remember that when www-data cannot read files, they won't be readable on your website.
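The three steps above as an added example (not part of the original answer), with step 1 scoped to the sibling folders under the web root rather than `/`, since a recursive `chmod` on `/` also strips read access from system files. The function names, the `g+s` step and the audit helper are assumptions of this sketch; it assumes the group already exists and the caller may change the files (normally root).

```sh
# restrict_webroot ROOT APP GROUP
#   ROOT  - web root (the question's /var/www/html)
#   APP   - the one folder the new user may use (testapp)
#   GROUP - group the new user belongs to (the answer's "testapp")
# Usage on a real host (as root): restrict_webroot /var/www/html testapp testapp
restrict_webroot() {
    local root=$1 app=$2 group=$3 dir
    [ -d "$root/$app" ] || { echo "no such folder: $root/$app" >&2; return 1; }

    # Step 1, scoped: drop every "other" bit on each sibling of APP.
    # Owner and group bits stay, so the owner (www-data) can still serve them.
    for dir in "$root"/*/; do
        dir=${dir%/}
        [ "$dir" = "$root/$app" ] && continue
        [ -L "$dir" ] && continue          # leave symlinked folders alone
        chmod -R o-rwx "$dir"
    done

    # Step 2: give GROUP group ownership of APP.
    chgrp -R "$group" "$root/$app"

    # Step 3: group read/write; capital X adds execute only to directories
    # and to files that are already executable.
    chmod -R g+rwX "$root/$app"

    # Assumption beyond the answer: setgid on directories, so files the
    # new user creates later inherit GROUP.
    find "$root/$app" -type d -exec chmod g+s {} +
}

# Audit helper: print every non-symlink path under DIR that "other" can
# still read, write, or execute/traverse. Empty output means none.
world_accessible() {
    find "$1" ! -type l \( -perm -004 -o -perm -002 -o -perm -001 \) -print
}
```

Running `world_accessible /var/www/html/myapp` afterwards should print nothing; the new user must also be out of the www-data group, as the answer says, or the group bits on the sibling folders still grant access.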
