I have an Apache webserver that we are preparing to serve data uploaded via FTP/S to our customers over the more convenient HTTPS protocol. At the moment I am using mod_authnz_external to allow the users to authenticate, but once authenticated the users cannot see files in their home directories where 'others' permissions are set to zero. I am not sure why this is the case, because if the user is authenticated I would expect them to be able to see their own files that are owned by their own user and group.
To work around the problem, I have also tried adding the Apache user 'www-data' to all user-named groups (as a secondary group) who do have permissions to read the files in their own home directory. However, this does not allow the user to see their own files when logged into the site, though I can view the files if I gain shell access as 'www-data' and browse the home directory from the terminal.
I need to know what I may be doing wrong, and how to achieve the end result of serving the contents of the user's home directory through Apache without having to grant permission to others. Any help on this is greatly appreciated, thank you.
>_< I'm an idiot.... I never restarted the apache2 service after adding www-data to the user group. So the process to make this work was
Keep in mind I'm running this on Debian 8, but running the reloading as follows seems to work without having to restart Apache, and without terminating existing connections:
The reason you have to add the Apache user, in my case, 'www-data', to a usergroup that has permission to read the directory is that authnz_external only says that the user is allowed to access the server, everything is still traversed as 'www-data'.