RE: What is the correct way to create a users home dir

Same results:

# ls -laZ
drwxr-xr-x. root   root   system_u:object_r:home_root_t:s0 .
dr-xr-xr-x. root   root   system_u:object_r:root_t:s0      ..

# ssh tu-1@localhost
tu-1@localhost's password:

-sh-4.1$ ls -laZ
drwx------. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .
drwxr-xr-x. root root      system_u:object_r:home_root_t:s0 ..
-rw-r--r--. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .bash_logout
-rw-r--r--. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .bash_profile
-rw-r--r--. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .bashrc
drwxr-xr-x. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .gnome2
drwxr-xr-x. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .mozilla
-rw-------. tu-1 UnixGroup unconfined_u:object_r:home_root_t:s0 .vas_disauthcc_100001
-rw-r--r--. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .vas_logon_server
-sh-4.1$ exit
logout
Connection to localhost closed.

# ls -laZ
drwxr-xr-x. root   root      system_u:object_r:home_root_t:s0 .
dr-xr-xr-x. root   root      system_u:object_r:root_t:s0      ..
drwx------. tu-1   UnixGroup system_u:object_r:home_root_t:s0 tu-1

Does the home directory creation script have to be labelled with any particular type? The main daemon is running as type qasd_t and the binary is labelled as qasd_exec_t; the script is labelled as qasd_bin_t. I am not sure if this matters.

unconfined_u:system_r:qasd_t:s0 root           4321     1    0 Feb11 ?        00:00:12 /opt/quest/sbin/.vasd -p /var/opt/quest/vas/vasd/.vasd.pid
unconfined_u:system_r:qasd_t:s0 daemon    4333  4321  0 Feb11 ?        00:00:23 /opt/quest/sbin/.vasd -p /var/opt/quest/vas/vasd/.vasd.pid

The script that creates the directory is doing nothing special: it just runs mkdir /home/$username, sets the user as the owner, changes permissions, and then copies over the skel files.


> Date: Wed, 12 Feb 2014 13:12:58 -0500
> From: dwalsh@xxxxxxxxxx
> To: swazup@xxxxxxxxxxx; selinux@xxxxxxxxxxxxxxxxxxxxxxx
> Subject: Re: What is the correct way to create a users home dir
>
> On 02/12/2014 01:05 PM, Jayson Hurst wrote:
> > # sesearch -T -s qasd_t -c dir
> > Found 5 semantic te rules:
> >    type_member qasd_t user_home_dir_t : dir user_home_dir_t;
> >    type_transition qasd_t user_home_dir_t : dir user_home_t;
> >    type_transition qasd_t var_auth_t : dir qasd_var_auth_t;
> >    type_transition qasd_t etc_t : dir qasd_conf_t;
> >    type_transition qasd_t home_root_t : dir user_home_dir_t;
> >
>
> Could you test again.
>
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
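
The comparison made by eye in this message, as an added example that is not part of the original thread: it takes the `type_transition` rules quoted from `sesearch` and the `/home` listing from `ls -laZ`, and reports each directory whose type differs from the one the rules predict for the creating domain. The helper names `expected_type` and `mislabeled` are hypothetical, and the five-column `ls -laZ` layout shown in the message is assumed.

```shell
#!/bin/sh
# Added example (not from the thread): predicted vs. actual SELinux type
# of directories created under /home.

# Rules as quoted from `sesearch -T -s qasd_t -c dir` in the thread.
RULES='type_member qasd_t user_home_dir_t : dir user_home_dir_t;
type_transition qasd_t user_home_dir_t : dir user_home_t;
type_transition qasd_t var_auth_t : dir qasd_var_auth_t;
type_transition qasd_t etc_t : dir qasd_conf_t;
type_transition qasd_t home_root_t : dir user_home_dir_t;'

# /home listing from the thread, taken after the login created tu-1.
LISTING='drwxr-xr-x. root   root      system_u:object_r:home_root_t:s0 .
dr-xr-xr-x. root   root      system_u:object_r:root_t:s0      ..
drwx------. tu-1   UnixGroup system_u:object_r:home_root_t:s0 tu-1'

# expected_type DOMAIN PARENT_TYPE
# Type a directory created by DOMAIN inside a PARENT_TYPE directory should
# get. With no matching rule the new directory inherits the parent's type.
expected_type() {
    printf '%s\n' "$RULES" | awk -v d="$1" -v p="$2" '
        $1 == "type_transition" && $2 == d && $3 == p && $5 == "dir" {
            sub(/;$/, "", $6); print $6; found = 1; exit
        }
        END { if (!found) print p }'
}

# mislabeled DOMAIN  (reads `ls -laZ` output on stdin)
# Prints "name actual expected" for every child directory whose type is
# not the one predicted for DOMAIN. The parent type comes from the "." row.
mislabeled() {
    listing=$(cat)
    parent=$(printf '%s\n' "$listing" |
        awk '$NF == "." { split($4, c, ":"); print c[3] }')
    want=$(expected_type "$1" "$parent")
    printf '%s\n' "$listing" | awk -v want="$want" '
        /^d/ && $NF != "." && $NF != ".." {
            split($4, c, ":")          # user:role:type:level
            if (c[3] != want) print $NF, c[3], want
        }'
}

printf '%s\n' "$LISTING" | mislabeled qasd_t
```

A reported mismatch means the `mkdir` did not run in the domain the rule names, or the label was set explicitly afterwards; `ps -eZ` taken while the creation script runs shows the domain it actually executes in.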
