Limit access on external drive mounted and used by sftp I've got a unix user "popolo" who is chrooted in `/srv/ftp/` and I mount my two external drives by `/etc/fstab` in `/srv/ftp` so I have `/srv/stp/dude` and `/srv/ftp/sweet`. Popolo has access to those drives by sftp. In `dude/` I've several directories: `dude/music`, `dude/photos`, `dude/movies`, and for some of them (like photos) I don't want that popolo can access to them. Is using `/etc/fstab` and a user chrooted via sftp is the best way to do this ? How can I restrict access to some directories ?

Use normal Linux/Unix permissions on your `dude/photos` to make sure that `popolo` can't access them.

Assuming that `popolo` isn't the owner of those files and directories and isn't in the group, then a simple `chmod -R o-rwx dude/photos` should make sure that `popolo` can't access those files.

**Or:**

An alternative way would be to give `popolo` and empty `chroot` home and bind mount all the directories that you _want_ that user to access into that empty `chroot`.

Assuming (again) that `popolo`'s `chroot` home is now `/home/popolo` then:


mkdir /home/popolo/music /home/popolo/movies
mount --bind /srv/ftp/dude/music /home/popolo/music
mount --bind /srv/ftp/dude/movies /home/popolo/movies


As you haven't bind mounted your `dude/photos` directory, `popolo` won't have access to them.