Heyho,
so, while experimenting with setting up my own webserver on a Raspberry Pi, I've come up with something that should be quite simple in my opinion, but seems to be quite hard (or I can't find the right explanation):
On this server, I am working on projects with a few more people, and now that I got Apache to run, of course I also want to use my webdev skills to get a website or two online there. As I don't really like the idea of coding a website in nano, I intend to use VS Code/PHPStorm/... on my Windows machine, and just synchronize my files with the server via FTP/SFTP.
I've set Apache's root directory to an external drive attached to the Raspi and mounted at /mnt/STORAGE. On that drive, I've set up a folder at /mnt/STORAGE/Server/web, which is the root of my apache webserver.
So, here's the idea: When anyone (me or a co-worker) who already has a user account on this server (with a respective /home/$USER directory) signs in using an FTP/SFTP client (in my case, FileZilla), I want EVERYONE to be limited to only /mnt/STORAGE/Server/web, my web server root.
Just logging in normally via SFTP gets me to my /home/pi directory, from where I can of course naviagte to my web root, but that's highly annoying (and I can still access everything else!), trying to chroot everyone to this web root directory regardless of who they are leaves me being unable to connect (simply times out).
Is there no simple way to just limit everyone to that directory when using SFTP, or at least set it as the start directory (guess I gotta trust my co-workers then, but a limited SFTP access would be more desirable)? I've found a dozen ways to limit everyone to their own home directory, but instead, I want everyone in /mnt/STORAGE/Server/web.
Hope anyone can help me out. This can't be too hard, right? To me, that's an intuitive idea, and I know for a fact that for instance STRATO (hosting provider) must've found a way to do that, as I've been using a STRATO webserver together with someone else before...
Regards, and thanks in advance
