On Tue, Oct 27, 2020 at 05:53:43PM +0100, Vit Mojzis wrote:
> Only add user homedir context entry when usepasswd = True
>
> Resolves:
> \#cat /etc/selinux/semanage.conf | grep usepasswd
> usepasswd=False
> \#useradd -Z unconfined_u -d /tmp test
> \#matchpathcon /tmp
> /tmp unconfined_u:object_r:user_home_dir_t:s0
It should be enough to indent lines with few spaces, e.g.
Resolves:
# grep usepasswd /etc/selinux/semanage.conf
usepasswd=False
# useradd -Z unconfined_u -d /tmp test
# matchpathcon /tmp
/tmp unconfined_u:object_r:user_home_dir_t:s0
Also please provide Signed-off-by: see
https://github.com/SELinuxProject/selinux/blob/master/CONTRIBUTING.md
> ---
> libsemanage/src/genhomedircon.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c
> index d08c88de..19dfb7b0 100644
> --- a/libsemanage/src/genhomedircon.c
> +++ b/libsemanage/src/genhomedircon.c
> @@ -966,6 +966,9 @@ static int add_user(genhomedircon_settings_t * s,
> }
> }
>
> + if (!(s->usepasswd))
> + return STATUS_SUCCESS;
> +
> int retval = STATUS_ERR;
>
> char *rbuf = NULL;
> --
> 2.25.4
>
Attachment:
signature.asc
Description: PGP signature
