[deployment-guide/comm-rel: 183/727] final update for BZ 617449, using custom home dirs with PAM and SSSD

Jaromir Hradilek jhradile at fedoraproject.org
Tue Oct 19 12:39:42 UTC 2010 

commit 206c302224c5f98005a9b708ff9092904f770ba0
Author: David O'Brien <davido at redhat.com>
Date:   Wed Jul 28 13:25:27 2010 +1000

    final update for BZ 617449, using custom home dirs with PAM and SSSD

 en-US/SSSD.xml |   11 ++++++++---
 1 files changed, 8 insertions(+), 3 deletions(-)
---
diff --git a/en-US/SSSD.xml b/en-US/SSSD.xml
index 548a8bf..1027089 100644
--- a/en-US/SSSD.xml
+++ b/en-US/SSSD.xml
@@ -297,15 +297,20 @@ session     required      pam_unix.so
             </listitem>
             <listitem>
               <para>
-                Configure your system to use the <systemitem class="library">pam_oddjob_mkhomedir.so</systemitem> library to create your custom home directories, and not the <systemitem class="library">pam_mkhomedir.so</systemitem> library, because the latter cannot create SELinux labels.
+                Ensure the <package>oddjob-mkhomedir</package> package is installed on your system and then re-run the Authentication Configuration tool.
               </para>
               <para>
-                The Authentication Configuration tool will use the <systemitem class="library">pam_oddjob_mkhomedir.so</systemitem> library if it is available, or otherwise default to using <systemitem class="library">pam_mkhomedir.so</systemitem>.
+                This package provides the <systemitem class="library">pam_oddjob_mkhomedir.so</systemitem> library, which the Authentication Configuration tool will then use to create your custom home directories. You need to use this library to create your home directories, and not the default <systemitem class="library">pam_mkhomedir.so</systemitem> library, because the latter cannot create SELinux labels.
               </para>
+              <note>
+                <para>
+                  The Authentication Configuration tool will automatically use the <systemitem class="library">pam_oddjob_mkhomedir.so</systemitem> library if it is available. Otherwise, it will default to using <systemitem class="library">pam_mkhomedir.so</systemitem>.
+                </para>
+              </note>
             </listitem>
           </orderedlist>
           <para>
-            If the preceding steps were not performed before the custom home directories were created, you can use the following commands to bring them into compliance:
+            If the preceding steps were not performed before the custom home directories were created, you can use the following commands to correct the permissions and SELinux contexts (again, replace the directory names with those that apply to your system):
 <screen># semanage fcontext -a -e /home /home/locale
 # restorecon -R -v /home/locale</screen>
           </para>

More information about the docs-commits mailing list