On Fri, 2008-07-18 at 13:42 -0400, Daniel J Walsh wrote: > Mike Edenfield wrote: > > I apologize if I'm not doing this right, I'm kinda new at this... > > > > I have made some changes to the SELinux policy for our intranet servers > > that I thought might be useful to a broader audience. Included below is > > a patch to the latest refpolicy. This has been tested on the Gentoo > > systems we have here; I don't have easy access to other SELinux systems > > at the moment. It does the following: [...] > > * Adds a tunable that lets samba create home directories via pam_mkhomedir > Could you do this with pam_oddjob_mkhomedir without having to add the > privs. I think this is a better solution. What if you don't have oddjob? It doesn't hurt to have the perms in a tunable. It could be put in a ifndef distro_redhat, if samba in fedora/rh requires pam_oddjob_mkhomedir. -- Chris PeBenito Tresys Technology, LLC (410) 290-1411 x150 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
