selinux and home dirs
Wolfgang S. Rupprecht
wolfgang.rupprecht at gmail.com
Wed Nov 18 00:08:27 UTC 2009
Eamon Walsh <ewalsh at tycho.nsa.gov> writes:
> On 11/17/2009 05:27 PM, Wolfgang S. Rupprecht wrote:
>> How do I add a second /home tree to selinux so that both /home and
>> /home2 have the same policies and restorecon correctly? There seems to
>> be quite a bit of logic in
>> /etc/selinux/targeted/contexts/files/file_contexts.homedirs to treat the
>> files in the home directory specially, but I can't see where the "/home/"
>> string gets set.
>>
>> -wolfgang
>>
>
> genhomedircon goes through the passwd file looking at the home
> directories for all the users. So if a user has /home2 listed it should
> generate the file_contexts.homedirs properly with both prefixes.
>
> /home2 itself would need to be labeled with home_root_t just like /home
> is. Dan's fcontext --equiv would work for this (set /home2 equal to
> /home) or it could be added manually using semanage fcontext.
Thanks Eamon and Dan!
I do see that something magically added the /home2 versions since the
last time I looked. It is good to know how to do this by hand to speed
up the process.
-wolfgang
--
Wolfgang S. Rupprecht
If the airwaves belong to the public why does the public only get 3
non-overlapping WIFI channels?
More information about the users
mailing list