[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Bugs, features, or misunderstandings?



How can I create a new Linux user account such that the home directory is assigned the proper context?

I want to create a new user (fred). 
I want fred's home directory to he located in the default location (/home/fred). 
And I want the context for /home/fred to be: fred:user_r:user_home_dir_t.

useradd doesn't work.  It seems to have two problems:
1) If my context (when I run useradd fred) is root:staff_r:staff_t, useradd sets the home directory to root:object_r:home_root_t.

2) If my context is root:sysadm_r:sysadm_t, useradd sets the home directory to root:object_r:user_home_dir_t

Item 1 seems like a bug - why would it choose :home_root_t instead of :user_home_dir_t?
In either case, the identity is wrong. 

I think the problem here is that fred is a Linux user, but not an identity.  So, I tried seuseradd instead.  That doesn't work either - it seems to create the identity (how would I know???) but the identity assigned to the home directory is still 'root'.

Here are my questions:

1) Why is this so bloody difficult? Can you really expect the average user/administrator to deal with problems like this?
2) How can I create a new user whose home directory is assigned the proper identity?
3) How can I get a list of valid identities?
4) Can I add identities with a simple command (i.e. without recompiling the policy)?

I know about seuserx, but that takes forever to run and is about as friendly as Windows 3.1.

Thanks in advance.

     -- Murphy
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]