I have a server that multiple users access via sftp. They do not have ssh access and they are contained to their home directory by setting the ChrootDirectory /home/%u in the /etc/ssh/sshd_config file. I want one user to be able to access an entire directory containing files uploaded by another user. I tried creating a symlink: ln -s /home/user2/files /home/user1/other_files but when user1 logs in, they can see the link but not navigate to it. If I ssh into the box, I can use the other_files symlink to see the uploaded files, but the sftp users cannot (they get a permissions error when accessing).
Can I allow these users to share files automatically while still containing them to their home directory? I know the symlink points to a path outside of their directory, which I believe is causing the permission issue. I can't manually move the files - the uploads are automatic and occur frequently, so I need user1 to be able to see the files as soon as they're uploaded. If I recreate the users with the same home directory and adjust the permissions of their respective upload directories, would that allow user 1 to get the files? Ideally, user 2 shouldn't have access to any of user 1's files, but if that has to happen, it will still work for me.
Some random untested ideas:
Have you tried chrooting user2 to a subdirectory of the directory to which user1 is chrooted?
If they don't have SSH logins or use other services, the overlap probably won't cause any problems :-)
Perhaps you can also use the sticky bit to prevent user1 harming user2's chrooting environment?
Finally, if you must continuously duplicate files between two separate chrooted home directories, have a look at inotify. There's also the inotify-tools package that looks handy.
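The inotify suggestion in the answer above, sketched as an added example (not code from the original answer): a watcher built on inotifywait from inotify-tools that copies each finished upload into a real directory inside the other user's chroot. The two paths are the ones from the question; the function names, the script name and the 0644 mode are assumptions.

```shell
#!/usr/bin/env bash
# Added example. Assumed layout, taken from the question:
#   source      /home/user2/files        (user2 uploads here)
#   destination /home/user1/other_files  (a real directory, not a symlink)

# Copy one finished upload into dst_dir. The copy goes to a hidden temp
# name first and is then renamed, so the reader never sees a partial file.
mirror_one() {
    local src_dir="$1" dst_dir="$2" name="$3"
    # inotify reports bare file names; reject anything that could leave dst_dir.
    case "$name" in
        ''|.|..|*/*) return 1 ;;
    esac
    local src="$src_dir/$name"
    # Only regular files; skip symlinks and directories.
    [ -f "$src" ] && [ ! -L "$src" ] || return 1
    local tmp
    tmp=$(mktemp "$dst_dir/.incoming.XXXXXX") || return 1
    # 0644: readable by user1, writable only by the account running this script.
    if cp -- "$src" "$tmp" && chmod 0644 "$tmp" && mv -f -- "$tmp" "$dst_dir/$name"; then
        return 0
    fi
    rm -f -- "$tmp"
    return 1
}

# Watch src_dir and mirror each file once the uploader has closed it
# (close_write) or renamed it into place (moved_to).
watch_and_mirror() {
    local src_dir="$1" dst_dir="$2" name
    inotifywait -m -q -e close_write -e moved_to --format '%f' "$src_dir" |
    while IFS= read -r name; do
        mirror_one "$src_dir" "$dst_dir" "$name" || echo "skipped: $name" >&2
    done
}

# Usage: ./mirror.sh /home/user2/files /home/user1/other_files
if [ "$#" -eq 2 ]; then
    watch_and_mirror "$1" "$2"
fi
```

Run it from an account that can read the source and write the destination; user2 never gains access to user1's directory because only the copies cross over.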