I imagine there is a better way to go about what you're doing. I would be careful when allowing access to my root, but here is one way to go about it:
To be able to access that directory under the root on your user, you will need permissions on directories all the way to the exampledirectory. I did an example of this to check things out. I think a good way to go about it would be to create a new group, maybe call it root-traverse: sudo groupadd root-traverse
After that add your user to that group: sudo usermod -aG root-traverse your-username
. This will give your user access to whatever root-traverse
has access to. Don't forget to either log out and log back in to make the group effective, or do su your-username
and then check id
to see if you are now in the group root-traverse
.
After this you will want to add the group root-traverse
to your root directory permissions, I prefer to do this as an ACL (if you have to at all). It's a way to access more fine-grained permissions. sudo setfacl -m g:root-traverse:rx /root
. This will give that group only enough permissions to get into the root directory and list the files/folders inside. I still don't like this as far as security goes, but it is what it is.
Almost done, now for the directory you want access to: /root/exampledirectory you need to sudo chown -R root-traverse: /root/exampledirectory
and sudo chmod -R 770 /root/exampledirectory
Now you can change directories into that directory and also add and edit files inside! To start an ssh session there, you can save a script into your /home/your-username/bin or wherever you prefer to keep it. vim ssh-script.sh
#!/bin/bash
Start ssh session in preferred directory
ssh -t xxx.xxx.xxx.xxx "cd /root/exampledirectory ; bash --login"
I believe that should do the trick. Don't forget to chmod +x ssh-script.sh
on the script you create to make it executable. Then to run your stuff, ./ssh-script.sh
or you can put it somewhere that is included in your path and run it just like a normal command ssh-script
. Good luck!
Edit: After some thinking, you could use a bind mount to mount that exampledirectory into your home directory, then just set the ACL permissions on that from there. You wouldn't be giving any access to the root directory at that point.
/root
is most likelyrwx------
. Regular users cannot access/root/whatever
then. Also see Execute vs Read bit. How do directory permissions in Linux work? – Kamil Maciorowski Mar 10 '22 at 17:18