This is undoubtedly a fairly common topic, but excessive searching both on this forum and Google have not yielded an idiot-proof tutorial for my specific use case.
I have a fairly basic setup with a single volume ("Storage") divided into a number of sub-directories ("Video", "Documents", "Games", etc). There's currently only one user account ("Waffles") which matches my Windows user and password and has full read/write access to everything on Storage. I've had no trouble getting SSH working for myself (just turn on the service in FreeNAS and log in with "Waffles" on an SSH client). However, I'd like to share specific folders with others who can log in with their own accounts and be locked to the specified folders.
I've set up other users (let's call them "VideoShare" and "DocShare") and set their home directories to their respective folders, but when SSH-ing in you can very easily go up a level and access anything else on the volume. Numerous tutorials talk about chrooting, but all that I've found involve using ZFS datasets with no explanation of what they are or how they work (a fact that led me to name a dataset "Video" and made that entire sub-directory disappear). Furthermore, many of the folders on my volume are full of terabytes of data, and creating datasets seems to create new, empty directories. While I could technically create datasets and manually move the files into them, my volume is approaching capacity and the idea of cut/pasting a two terabyte folder is somewhat worrying to me.
I should also point out that while largely computer savvy, I have very little knowledge of Unix based stuff and have done just about all of my FreeNAS work so far through the GUI. Also, I would really like my existing "Waffles" account to be unaffected by this if possible, as it is basically my admin account.
tl;dr: I need a dumbed down tutorial to take a nearly full volume with multiple sub-directories and divvy those directories up to SSH users that cannot exit them WITHOUT affecting my personal account's ability to access all the folders at once.
Bonus points if one user could access multiple of those directories (say a "Family" account that can access "Video" and "Documents" but NOT access "Games"), but now I'm just getting greedy.
I have a fairly basic setup with a single volume ("Storage") divided into a number of sub-directories ("Video", "Documents", "Games", etc). There's currently only one user account ("Waffles") which matches my Windows user and password and has full read/write access to everything on Storage. I've had no trouble getting SSH working for myself (just turn on the service in FreeNAS and log in with "Waffles" on an SSH client). However, I'd like to share specific folders with others who can log in with their own accounts and be locked to the specified folders.
I've set up other users (let's call them "VideoShare" and "DocShare") and set their home directories to their respective folders, but when SSH-ing in you can very easily go up a level and access anything else on the volume. Numerous tutorials talk about chrooting, but all that I've found involve using ZFS datasets with no explanation of what they are or how they work (a fact that led me to name a dataset "Video" and made that entire sub-directory disappear). Furthermore, many of the folders on my volume are full of terabytes of data, and creating datasets seems to create new, empty directories. While I could technically create datasets and manually move the files into them, my volume is approaching capacity and the idea of cut/pasting a two terabyte folder is somewhat worrying to me.
I should also point out that while largely computer savvy, I have very little knowledge of Unix based stuff and have done just about all of my FreeNAS work so far through the GUI. Also, I would really like my existing "Waffles" account to be unaffected by this if possible, as it is basically my admin account.
tl;dr: I need a dumbed down tutorial to take a nearly full volume with multiple sub-directories and divvy those directories up to SSH users that cannot exit them WITHOUT affecting my personal account's ability to access all the folders at once.
Bonus points if one user could access multiple of those directories (say a "Family" account that can access "Video" and "Documents" but NOT access "Games"), but now I'm just getting greedy.
