file_contexts.homedirs and new users
Daniel J Walsh
dwalsh at redhat.com
Thu Apr 8 10:36:49 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/07/2010 02:43 PM, Bruno Wolff III wrote:
> On Wed, Apr 07, 2010 at 20:42:23 +0200,
> Klaus Lichtenwalder <k.lichtenwalder at computer.org> wrote:
>> Hi,
>>
>> I just stumbled about the effect that adding a new user and creating a
>> .ssh directory does not automatically fix its context though it's listed
>> in file_contexts.homedirs (this was done via unattended package
>> installs). It is fixed by an explicit restorecon, though.
>> I searched google up and down and did not find how/when the
>> homedirs-File gets applied. Restorecon explicitely used sets the context
>> to home_ssh_t and everything is fine. So sorry if I missed something
>> obvious, but I just don't get how and when the policy from
>> file_contexts.homedirs gets applied
>> (it's on an up to date F12 system)
>
> The file context information only gets used when relabelling.
> The context of new created files and directories depends on the context of
> the directory they are being created in and the context of the process
> doing the creation and any manual overrides made by the creating process.
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
You can use the restorecond service if you want to watch for the
creation of certain files.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAku9scEACgkQrlYvE4MpobMWaQCgrG6jLm8rDqLCuX5hc7HnpbET
lqsAoK26M+7gYSfWoImDMJcgfDF8lpR+
=NjGl
-----END PGP SIGNATURE-----
More information about the selinux
mailing list