<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN"> <HTML> <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8"> <META NAME="GENERATOR" CONTENT="GtkHTML/3.0.9"> </HEAD> <BODY> How can I create a new Linux user account such that the home directory is assigned the proper context? I want to create a new user (fred). I want fred's home directory to he located in the default location (<TT>/home/fred</TT>). And I want the context for /home/fred to be: <TT>fred:user_r:user_home_dir_t</TT>. useradd doesn't work. It seems to have two problems: <BLOCKQUOTE> 1) If my context (when I run useradd fred) is root:staff_r:staff_t, useradd sets the home directory to root:object_r:home_root_t. </BLOCKQUOTE> <BLOCKQUOTE> 2) If my context is root:sysadm_r:sysadm_t, useradd sets the home directory to root:object_r:user_home_dir_t </BLOCKQUOTE> Item 1 seems like a bug - why would it choose :home_root_t instead of :user_home_dir_t? In either case, the identity is wrong. I think the problem here is that fred is a Linux user, but not an identity. So, I tried seuseradd instead. That doesn't work either - it seems to create the identity (how would I know???) but the identity assigned to the home directory is still 'root'. Here are my questions: 1) Why is this so bloody difficult? Can you really expect the average user/administrator to deal with problems like this? 2) How can I create a new user whose home directory is assigned the proper identity? 3) How can I get a list of valid identities? 4) Can I add identities with a simple command (i.e. without recompiling the policy)? I know about seuserx, but that takes forever to run and is about as friendly as Windows 3.1. Thanks in advance. -- Murphy </BODY> </HTML>