Hi everyone

I've been running a linode for a while now, but is has been a simple single user system - Me

And now more users are going to be hosted on my linode, mostly just web and version control. But how do i manage that in a secure way for everyone so no one gets access to the wrong libraries.

I thought that one location for everything

/srv

was the most logical thing to do, makes it easier to backup.

For each company / friend i make a set of folders

Single user
/srv/friend1/www
/srv/friend1/svn
/srv/friend1/data

multiple users
/srv/company1/www
/srv/company1/svn
/srv/company1/data

/srv/company2/www
/srv/company2/svn
/srv/company2/data

/srv/friends2and3/www
/srv/friends2and3/svn
/srv/friend2and3/data

But how do i make groups and assign users to these groups, and then limit the user or group to their /srv location?

People are going to use scp to upload files and etc, and when i log in with my normal user today, i can go into any directory and copy files etc - I really don't want ppl to be able to access other ppls files. How do i secure them from eachother?

And is there anything else I've forgot thats crucial?

Hope someone can share some wisdom

You know, by default, if you add a user, they get their own directory in /home and you can set it so by default /home/user is has 770 permissions (umask of 007) so no one else can see each other's stuff.

Then you can have /home/user1/web, /home/user1/svn, etc. Be sure to make it so /home/$user/web can be read by others so apache can see it. (Unless you're going to run each domain as a different user, there's some apache module for that, too.)

Each user gets a group with their own name. And if you need to create a /home/grouping1 that has multiple people who need access, create a group called grouping1 and then add user1 and user2 to it.

Then you just backup /home and /etc (which has all of your configs) and /root (which, for me contains nothing, but who knows what you're doing).