On 02/15/2010 01:27 PM, Scott Salley wrote: > I'm working on a set of patches to integrate Likewise Open (Active > Directory authentication for Unix/Linux/Mac) into Fedora/SELinux. > > > > I am having trouble defining how a user's home directory should be > handled. > > > > We don't place users directly in /home as the domain user account name > may conflict with an existing account. Instead, we use /home/%D/%U > where %D is the domain and %U is the user account. (We may have users > with the same account name in different domains.) > > > > I want to make sure that if users are joined while SELinux is not > enabled, and then SELinux is re-enabled, the files get the proper > contexts. > > > > Suggestions? > > > > > > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux Do you know the name of all domains? In Fedora 12 for d in $DOMAINS; do semanage fcontext -a -e /home /home/$d done -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
