selinux and home dirs
Eamon Walsh
ewalsh at tycho.nsa.gov
Tue Nov 17 23:23:03 UTC 2009
On 11/17/2009 05:27 PM, Wolfgang S. Rupprecht wrote:
> How do I add a second /home tree to selinux so that both /home and
> /home2 have the same policies and restorecon correctly? There seems to
> be quite a bit of logic in
> /etc/selinux/targeted/contexts/files/file_contexts.homedirs to treat the
> files in the home directory specially, but I can't see where the "/home/"
> string gets set.
>
> -wolfgang
>
genhomedircon goes through the passwd file looking at the home
directories for all the users. So if a user has /home2 listed it should
generate the file_contexts.homedirs properly with both prefixes.
/home2 itself would need to be labeled with home_root_t just like /home
is. Dan's fcontext --equiv would work for this (set /home2 equal to
/home) or it could be added manually using semanage fcontext.
--
Eamon Walsh
National Security Agency
More information about the fedora-list
mailing list