selinux and home dirs

Wolfgang S. Rupprecht wolfgang.rupprecht at gmail.com
Wed Nov 18 00:08:27 UTC 2009


Eamon Walsh <ewalsh at tycho.nsa.gov> writes:
> On 11/17/2009 05:27 PM, Wolfgang S. Rupprecht wrote:
>> How do I add a second /home tree to selinux so that both /home and
>> /home2 have the same policies and restorecon correctly?  There seems to
>> be quite a bit of logic in
>> /etc/selinux/targeted/contexts/files/file_contexts.homedirs to treat the
>> files in the home directory specially, but I can't see where the "/home/"
>> string gets set.
>>
>> -wolfgang
>>   
>
> genhomedircon goes through the passwd file looking at the home
> directories for all the users.  So if a user has /home2 listed it should
> generate the file_contexts.homedirs properly with both prefixes.
>
> /home2 itself would need to be labeled with home_root_t just like /home
> is.  Dan's fcontext --equiv would work for this (set /home2 equal to
> /home) or it could be added manually using semanage fcontext.

Thanks Eamon and Dan!  

I do see that something magically added the /home2 versions since the
last time I looked.  It is good to know how to do this by hand to speed
up the process.

-wolfgang
-- 
Wolfgang S. Rupprecht
If the airwaves belong to the public why does the public only get 3
non-overlapping WIFI channels?




More information about the fedora-list mailing list