I'm trying to set up sftp so that a few trusted people can access/edit/create some files. I have jailed a user into their home directory (/home/name) but have run into a problem. I want for them to also be able to access other parts of the VPS because it is also a game server, webhost, etc., and I want for them to be able to have full control of files outside their jailed directory.
I tried making a symlink (ln -s) to the desired directory but it does not work, as expected. I tried (cp -rl) to the files that I wanted to give access and it worked -- they can edit the files in their directory and it changes the one stored outside of jail. BUT they cannot create new files (they can but it won't update outside of jail). I know I'm probably not doing this the "right way" but what can I do to do what I want?
Symlinks are purely symbolic: they contain nothing but a path, so when you open a symlink, the OS reads the path and uses that instead. In a chroot environment, links (especially ones with absolute paths) typically don't point to the same place they pointed to in the normal environment.
If the server OS is Linux, your best bet is to bind-mount the entire directory somewhere inside the chroot directory. When using this, it's important to remember that this is not a copy of the directory; anything deleted here will be removed from the other directory (important if the user can mv files or rm -rf). To do this:
The files in the directory ought to be real files. Symlinks here will probably have the same problems you have trying to link to the files in the first place.
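An added example, not part of the original answer: a dry-run helper that checks the points raised above (the source must be a real directory rather than a symlink, and the mount point must stay inside the jail) and prints the bind-mount command and /etc/fstab line to review before running them as root. The function name and the /srv/gameserver path are hypothetical, and paths are assumed to contain no whitespace.

```shell
#!/bin/sh
# Added example: plan a bind mount of SRC onto a directory inside an SFTP jail.
# plan_bind_mount is a hypothetical helper; it only prints, it mounts nothing.

# Usage: plan_bind_mount JAIL SRC NAME
# Prints mkdir/mount commands and the fstab line, or fails with a reason.
plan_bind_mount() {
    jail=$1; src=$2; name=$3

    # The source must be a real directory: a symlink is just a stored path
    # and resolves differently once the session is chrooted.
    if [ -L "$src" ]; then echo "error: $src is a symlink" >&2; return 1; fi
    [ -d "$src" ] || { echo "error: $src is not a directory" >&2; return 1; }
    [ -d "$jail" ] || { echo "error: jail $jail does not exist" >&2; return 1; }

    # The mount point must be a single path component so it cannot
    # land outside the jail via ../ or an absolute path.
    case $name in
        ''|.|..|*/*) echo "error: bad mount point name '$name'" >&2; return 1 ;;
    esac

    # Resolve both paths physically (no symlinks left in the result).
    jail_real=$(cd "$jail" && pwd -P) || return 1
    src_real=$(cd "$src" && pwd -P) || return 1

    # Refuse a source that is / or that contains the jail itself: that would
    # expose the whole tree, or the jail inside itself, to the jailed user.
    if [ "$src_real" = / ]; then echo "error: refusing to expose /" >&2; return 1; fi
    case $jail_real/ in
        "$src_real"/*) echo "error: $src contains the jail" >&2; return 1 ;;
    esac

    target=$jail_real/$name
    echo "mkdir -p $target"
    echo "mount --bind $src_real $target"
    # fstab entry so the bind mount is restored after a reboot.
    echo "$src_real $target none bind 0 0"
}

# Constructed example invocation (paths are placeholders):
#   plan_bind_mount /home/name /srv/gameserver gameserver
```

The bind mount exposes the live directory, so the jailed user's normal file permissions on the source still decide what they can create, change or delete there.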