If you have a custom setup where home directories follow a special format, such as /home/$USERNAME/data, you can specify it using regular expressions. CageFS needs this to create a safe home space for the end user, where no other users are visible.
We will create an empty directory, /var/cagefs/[prefix]/$USERNAME/home, and then mount /home/$USERNAME in that directory.
To do that, create the file /etc/cagefs/cagefs.base.home.dirs
With content like:
If there is no such file, the home directory without its last component is considered the base directory. For example, with /home/$USERNAME we would create /var/cagefs/[prefix]/$USERNAME/home, and then mount /home/$USERNAME in there.
With /home/$USERNAME/data as the home directory, we would assume that /home/$USERNAME is the base directory, so we would create /var/cagefs/[prefix]/$USERNAME/home/$USERNAME/data and then mount /home/$USERNAME/data. This would cause each user to see empty base directories for other users, exposing user names.
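The following check is an added example, not CageFS code: it models the default base directory rule described above and lists which user names would end up inside a base directory, with and without a pattern. The account list, the function names and the pattern ^/home/ are constructed for illustration, and treating the part of the path matched by a pattern as the base directory is an assumption.

```python
import posixpath
import re

# Constructed sample accounts (username -> home directory), not from the page.
HOMES = {
    "alice": "/home/alice/data",
    "bob": "/home/bob/data",
    "carol": "/home/carol",
}

def base_dir(home, patterns=()):
    """Return the base directory for one home directory.

    Assumption: each pattern is a regular expression and the part of the
    home path it matches is the base directory. With no matching pattern,
    fall back to the default described above: the home directory without
    its last component.
    """
    for pattern in patterns:
        match = re.match(pattern, home)
        if match:
            return match.group(0).rstrip("/") or "/"
    return posixpath.dirname(home.rstrip("/"))

def leaked_usernames(homes, patterns=()):
    """Usernames that occur as a path component of any base directory.

    Base directories appear (empty) to other users, so a username inside
    one is exposed.
    """
    leaked = set()
    for home in homes.values():
        leaked |= set(base_dir(home, patterns).split("/")) & set(homes)
    return sorted(leaked)

if __name__ == "__main__":
    print("default base dirs:", leaked_usernames(HOMES))
    print("with ^/home/     :", leaked_usernames(HOMES, [r"^/home/"]))
```

Running the same check over the real account list before and after editing /etc/cagefs/cagefs.base.home.dirs shows whether a pattern covers every non-standard home directory layout on the server.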
Sharing home directory structure among users
When you want to share a directory structure among multiple users, you can add the following line at the top of the /etc/cagefs/cagefs.base.home.dirs file. This is useful on systems that support sites with multiple users, with different home directories inside the main 'site' directory.
user1 has home directory /var/www/vhosts/sitename.com/web_users/user1
user2 has home directory /var/www/vhosts/sitename.com/web_users/user2
site admin has home directory /var/www/vhosts/sitename.com
So, the content of /etc/cagefs/cagefs.base.home.dirs should be the following:
The directory structure in /var/www/vhosts/sitename.com will be mounted in CageFS for the appropriate users.
Each user will have access to the whole directory structure in /var/www/vhosts/sitename.com (according to their permissions).
* Note: you should execute cagefsctl --remount-all in order to apply changes to CageFS (i.e. remount home directories).