Gotta love software that’s humble and knows its place. With all these “innovative, industry shaking, market disrupting” social networking web 2.0 iPhone apps out there that are “simple, beautiful, easy-to-use, doesn’t get in the way,” its nice to be reminded by tar that software can be humble.
If you do this, it won’t tar hidden (like .htaccess) files:
tar -cf myfile.tar *
Instead do this:
tar -cf myfile.tar /home/meatloaf/jams
Here’s how to exclude those crazy backups you did:
tar cf sitearchive.tar --exclude=*.sql --exclude=*.gz *
Had to move our 1.5GB SVN repository from one server to another yesterday. Didn’t have enough room to tar, then gzip so I piped:
tar cvf - svn_repository/ | gzip -c > svn.tar.gz
My hatred of plain FTP is well documented, but I needed change the root directory of a new SFTP user to their home folder (/home/user) so they can’t navigate back to / on the server.
Do your usual create new user stuff:
mkdir /home/steveperry
useradd steveperry
chown root:steveperry /home/steveperry
chmod 755 /home/steveperry
Force the normal login directory just in case:
usermod -d /home/steveperry steveperry
Set the new user a dummy shell (so they don’t have real shell access).
usermod -s /bin/false steveperry
Now, steveperry should have read access to his home directory. Let’s give him a place to upload stuff:
mkdir /home/steveperry/jams
chown steveperry:steveperry /home/steveperry/jams
chmod 755 /home/steveperry/jams
In the file /etc/ssh/sshd_config comment out “Subsystem sftp /usr/lib/openssh/sftp-server” and add “Subsystem sftp internal-sftp”
# Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp
Also in /etc/ssh/sshd_config, add the following lines at the end of the file to force steveperry to be jailed into his home directory.
Match User steveperry
ChrootDirectory /home/steveperry
ForceCommand internal-sftp
Done! Restart the ssh daemon (run this any time you want changes to become effective):
sudo /etc/init.d/ssh restart
(credit, most of this stolen from: http://www.ericstockwell.com/?p=54)
