<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>Same results:<br><br># ls -laZ<br>drwxr-xr-x. root root system_u:object_r:home_root_t:s0 .<br>dr-xr-xr-x. root root system_u:object_r:root_t:s0 ..<br><br># ssh tu-1@localhost<br>tu-1@localhost's password: <br><br>-sh-4.1$ ls -laZ<br>drwx------. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .<br>drwxr-xr-x. root root system_u:object_r:home_root_t:s0 ..<br>-rw-r--r--. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .bash_logout<br>-rw-r--r--. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .bash_profile<br>-rw-r--r--. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .bashrc<br>drwxr-xr-x. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .gnome2<br>drwxr-xr-x. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .mozilla<br>-rw-------. tu-1 UnixGroup unconfined_u:object_r:home_root_t:s0 .vas_disauthcc_100001<br>-rw-r--r--. tu-1 UnixGroup system_u:object_r:home_root_t:s0 .vas_logon_server<br>-sh-4.1$ exit<br>logout<br>Connection to localhost closed.<br><br># ls -laZ<br>drwxr-xr-x. root root system_u:object_r:home_root_t:s0 .<br>dr-xr-xr-x. root root system_u:object_r:root_t:s0 ..<br>drwx------. tu-1 UnixGroup system_u:object_r:home_root_t:s0 tu-1<br><br>Does the home directory creation script have to be labelled any particular type? The main daemon is running as type qasd_t and the binary is labelled as qasd_exec_t, the script is labelled as qasd_bin_t. I am not sure if this matters.<br><br>unconfined_u:system_r:qasd_t:s0 root 4321 1 0 Feb11 ? 00:00:12 /opt/quest/sbin/.vasd -p /var/opt/quest/vas/vasd/.vasd.pid<br>unconfined_u:system_r:qasd_t:s0 daemon 4333 4321 0 Feb11 ? 
00:00:23 /opt/quest/sbin/.vasd -p /var/opt/quest/vas/vasd/.vasd.pid<br><br>The script that creates the directory is doing nothing special, just a mkdir /home/$username, sets the user as the owner and changes permissions and then copies over the skel files.<br><br><br><div>> Date: Wed, 12 Feb 2014 13:12:58 -0500<br>> From: dwalsh@redhat.com<br>> To: swazup@hotmail.com; selinux@lists.fedoraproject.org<br>> Subject: Re: What is the correct way to create a users home dir<br>> <br>> On 02/12/2014 01:05 PM, Jayson Hurst wrote:<br>> > l# sesearch -T -s qasd_t -c dir Found 5 semantic te rules: type_member<br>> > qasd_t user_home_dir_t : dir user_home_dir_t; type_transition qasd_t<br>> > user_home_dir_t : dir user_home_t; type_transition qasd_t var_auth_t : dir<br>> > qasd_var_auth_t; type_transition qasd_t etc_t : dir qasd_conf_t; <br>> > type_transition qasd_t home_root_t : dir user_home_dir_t;<br>> > <br>> <br>> Could you test again.<br></div></div></body>
</html>