My question is a bit complex. Basically, I want to give users ssh/sftp access to the server to their /home/user directory. I want to limit their ability to view other /home/user directories. Simple enough right? No. I want to have a seperate user (say apache) to have read access to all of the /home directories as well.
Right now I have the following perms:
drwxr-xr-x 14 root root 4096 Apr 3 15:41 home
...
cd /home
ll
drwxr-x--- 2 user1 user1 4096 Feb 10 14:16 user1
...
and I have added the user "apache" to the group for all users:
groups apache
apache : apache user1
The problem with this configuration is that when user1 logs in he can view /home/*
if I chmod the /home dir to 750 then when the user attempts to login he cannot get to his/her own folder.
Any suggestions?