The attached patch fixes a bug in genhomedircon. Without this, if you create system users with "useradd -r" and give them home directories in unusual locations (such as /usr/DIR or /var/run/DIR) then a file_contexts file will be generated that will mess up your system.

This patch makes it check /etc/login.defs for the value of UID_MIN.

Also perhaps we should make STARTING_UID default to 500. 500 is the default value for this in Fedora.

--
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page
--- genhomedircon 2004-07-19 22:29:23.851864480 +1000 +++ /usr/sbin/genhomedircon 2004-07-19 22:47:01.984003944 +1000 @@ -25,7 +25,6 @@ import commands, sys, os, pwd, string EXCLUDE_LOGINS=["/sbin/nologin", "/bin/false"] -STARTING_UID=100 def getPrefixes(): ulist = pwd.getpwall() @@ -92,6 +91,12 @@ print len(sys.argv) usage("Incorrect parameters") + rc=commands.getstatusoutput("grep -h '^UID_MIN' /etc/login.defs | sed -e 's/^UID_MIN[^0-9]*//'") + if rc[0] == 0: + STARTING_UID=rc[1] + else: + STARTING_UID=100 + FILECONTEXTDIR=sys.argv[1] prefixes = getPrefixes()
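Review bot: In the first hunk (@@ -25,7 +25,6 @@), removing the module-level STARTING_UID=100 leaves the name undefined until the block added in the second hunk has run, so any code that references it before that point, or that reuses the script's functions without executing that block, fails with a NameError. Keep a module-level default and let the login.defs lookup override it. The cover message also proposes 500 as the default while the fallback in the patch stays at 100; pick one value and note the reason in a comment beside the constant.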
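Review bot: In the second hunk (@@ -92,6 +91,12 @@), the test "if rc[0] == 0:" does not detect a missing UID_MIN, because the status of a shell pipeline is that of its last command: sed exits 0 even when grep matches nothing or cannot read /etc/login.defs. The else branch is therefore never reached in those cases and STARTING_UID ends up as an empty string (or as whatever text the command emitted). The success branch also stores the string rc[1] while the fallback stores the integer 100, so a numeric comparison against a UID behaves differently on the two paths; convert with int() and fall back to the default when the conversion fails. The sed expression only strips the leading "UID_MIN" and separator, so a trailing comment or a second UID_MIN line would be carried into the value as well. Opening /etc/login.defs from Python and splitting the UID_MIN line would remove the shell pipeline and make each of these cases explicit.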