CentOs 6 Linux Server
I have an SFTP user (userok) that is jailed to a particular sub domain. All working perfectly fine and that is all that user has access to (full permissions).
I have just created a new SFTP user (userfail) on the same server and followed the process that I thought would jail them to their sub domain (a different sub domain).
When I log in with userfail, they are within their sub domain correctly, but they can see everything outside of their home directory and navigate all the way back to /.
The sshd_config file is all set up correctly as other SFTP users are jailed okay on the same server. There is no directory binded for userok.
The permissions for both paths to each sub domain are the same (rooted all the way to httpdocs and then the SFTP user takes over) - both users belong to the apache group.
I can't find out why (how) userok is jailed okay and userfail is not when both appear to be set up identical. How can I find out the current setup of userok to find out what is different to userfail?
sshd service restarted. No errors in /var/log/secure.
Ah, user error.
userok was actually part of the group sftp whereas I added userfail to the group apache (it was in fact the files in the sub domain that was userfail:apache).
Once I did
usermod -g sftp userfail
, user was jailed to home directory successfully...