[03:29] <Holler> quick question
[03:29] <Holler> how to make user login DIRECTLY in his home directory and not anywhere else @ ssh
[03:41] <joeb3_> Holler, http://allanfeid.com/content/creating-chroot-jail-ssh-access
[08:51] <lordievader> Good morning.
[08:52] <RoyK> gd mrnng
[08:53] <lordievader> ;)
[08:53] <RoyK> gss vwls wll cm ltr
[08:54] <lordievader> Haven't had enough coffee for that sentence :P
[08:58] <RoyK> (guess vowels will come later)
[08:59] <lordievader> Ah, there they are :P
[08:59] <RoyK> woke up too early - it's a day off before a day off before new year's eve and a weekend
[09:19] <EmilienM> jamespage: hello, any idea when can I install mitaka on trusty with proposed repo?
[10:39] <Walex2> EmilienM: don't know, but is that the "4D universe modeler"?
[10:39] <Walex2> http://4d2u.nao.ac.jp/html/program/mitaka/index_E.html
[12:37] <jamespage> EmilienM, hopefully by end of next week
[14:17] <Holler> yeah... i'm back
[14:18] <Holler> How can I make the user login in his own home directory and not anywhere else? How can I be sure?
[14:18] <maswan> A login requires more than just the home directory (shell, userspace tools, etc), so no.
[14:20] <Holler> Can I understand more about shells?
[14:20] <maswan> Yes.
[14:20] <maswan> That would be a good starting point.
[14:20] <Holler> One more thing
[14:21] <Holler> Ever heard of GADMIN-PROFTPD?
[14:21] <maswan> Are you talking about ftps for file transfers and not login (i.e. ssh or local)?
[14:22] <maswan> Then chroot is the thing to setup support for
[14:22] <Holler> Yeah, there's a problem with gadmin-proftpd, it says no uppercase letters allowed but I don't have any uppercase letters anywhere in settings...
[14:22] <Holler> weird
[14:25] <RoyK> just don't use ftp
[14:25] <Holler> What about doing all that restrictions in openssh? Is it difficult?
[14:26] <RoyK> Holler: you can setup chroot with openssh, but what's the point? just set the permissions right and the user can't do much anyway
[14:26] <Holler> Yep, I tried permissions yesterday
[14:26] <Holler> If you may, I can tell you what went wrong
[14:26] <RoyK> "tried"?
[14:27] <Holler> Yep, experimented
[14:27] <RoyK> chmod go-rwx -R /home
[14:27] <RoyK> and ta-taa - no users can read any other users' data
[14:31] <Holler> well that might work but my problem extends more than that, I there are folders other than user's home that I want them to access and not access
[14:31] <Holler> I must manually do it
[14:48] <RoyK> Holler: the default system config is rather secure as it is - what sort of other folders?
[14:51] <Holler> game server files in home
[14:51] <Holler> I want them to access SOME files, not all
[15:12] <RoyK> Holler: then set the permissions correctly ;)
[15:12] <RoyK> Holler: if you chroot the user to $HOME, they won't have any chance of accessing /home/somewhereelse
[15:13] <RoyK> or *anywhere* else outside $HOME
[15:23] <Holler> oh no
[15:23] <Holler> what should I do to make them only access /home/somewhere/thisthing on logging in?
[22:07] <blizzow> I plugged the second network card on a few servers into a second switch.  The main NIC is 172.16.1.2 and my router is plugged into that switch.  I've tried to configure my second network card as 10.0.0.2 but when I do ifconfig eth1 10.0.0.2 netmask 255.255.255.0, I lose all network connectivity.  How should I configure my second network card to be on a second LAN and not mow my eth0 traffic over?