home directory problems with Fedora 8

Chris Howard chris at yipyap.com
Fri Dec 7 01:40:20 UTC 2007


On Thu, 2007-12-06 at 12:49 -0500, Matthew Gillen wrote:
> Chris Howard wrote:
> > I have previously existing home directories under /u01/home.
> > I did this because upgrading from FC6 to Fedora 7 caused me trouble
> > and I want to avoid having to recreate my home directory.  So I copied
> > the whole system into /u01 before doing a fresh Fedora 8 install.  I
> > do not have a separate home-only partition.
> > 
> > SELinux prevents me from making a symbolic link like this:
> > 
> > /home --> /u01/home  or like this
> > 
> > /home/chris --> /u01/home/chris.
> 
> I wouldn't do symlinks like that unless you have some strange reason to.  Just
> have /etc/passwd point to the actual directories under /u01/home.
> 
> > If I set up a dummy user with home at /home/chris, then
> > edit /etc/passwd to change the home to /u01/home/chris... that doesn't
> > work either.
> > 
> > nor if I create a new user like so:
> > 
> > useradd -d /u01/home/pete  pete
> > 
> > Is there something magic about the string '/home' ?
> > that keeps me from creating home directories anywhere else?
> > 
> > I'd really love to keep from smashing /home on every OS reload.
> > 
> > For now I have SELinux in Permissive mode so I can at least use the
> > system.
> 
> Here's how I /think/ it works:
> a) If you've got an empty /u01/home, and you want to add new users, do this:
> Set the type of /u01/home to home_root_t:
>   chcon -t home_root_t /u01/home
> and then useradd -d /u01/home/pete will do the right thing.
> 
> b) Supposing you already have some user home dirs there (i.e. the homedirs in
> /etc/passwd point to /u01/home/*), I think you can just run 'genhomedircon'
> and then run:
>  restorecon -R -v /u01/home
> 
> In the case of (b), it doesn't hurt to do the chcon operation first, but I
> don't think it's necessary.
> 
> (note: I'm not an expert myself, but if these steps don't work for you, they
> should at least point you in the right direction).
> 
> HTH,
> Matt
> 

Thanks Matt... but it doesn't work.

When I do:

chcon -t home_root_t /u01/home

then a:
 
restorecon -R -v /u01/home

changes it back to default_t

A system-wide recontext sets it back to:

/u01 is default_t
/u01/home is default_t
/u01/home/chris is default_t

ARGG!

in the "real" filesystem

/  is root_t
/home is home_root_t
/usr is usr_t
/var is var_t

(maybe I need to make a u01_t??)

later...

If I set /u01/home to home_root_t
and /u01/home/chris to unconfined_home_dir_t
and all files under /u01/home/chris to unconfined_home_t
then it works.... but recontexting will mess that all up again.

Somewhere in this box there is something that won't let me put home
directories on /u01/home.
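
Added example, not part of the original message: a simplified Python model of why `restorecon` undoes a manual `chcon`. It relabels from the file-context rules, so `/u01/home` only keeps a home type if a rule names it. Both rule sets are constructed from the types mentioned in the thread, the local rules and the `.bashrc` path are hypothetical, and "last matching rule wins" is a simplification of the real lookup.

```python
import re

# Constructed, simplified rule sets in file_contexts style (regex, type).
# Types are the ones named in the thread; real policy files are far longer.
BASE_RULES = """
/.*                 default_t
/home               home_root_t
/home/[^/]+         unconfined_home_dir_t
/home/[^/]+/.+      unconfined_home_t
"""

# Hypothetical local additions for the alternate home root, i.e. what
#   semanage fcontext -a -t home_root_t '/u01/home'
# and two similar commands would record.
LOCAL_RULES = """
/u01/home           home_root_t
/u01/home/[^/]+     unconfined_home_dir_t
/u01/home/[^/]+/.+  unconfined_home_t
"""

def parse_rules(text):
    """Return [(compiled_regex, type)] from 'regex type' lines."""
    return [(re.compile(rx), t) for rx, t in
            (ln.split() for ln in text.splitlines() if ln.strip())]

def expected_type(path, rules):
    """Type the rules assign to path: a rule must match the whole path,
    and in this simplified model the last matching rule wins."""
    result = None
    for regex, ctx_type in rules:
        if regex.fullmatch(path):
            result = ctx_type
    return result

def relabel(current, rules):
    """Model 'restorecon -R': every label is replaced by the rule-derived
    one, so anything set by hand with chcon is discarded."""
    return {path: expected_type(path, rules) for path in current}

if __name__ == "__main__":
    # Labels set by hand with chcon, as in the message above (sample paths).
    by_hand = {"/u01/home": "home_root_t",
               "/u01/home/chris": "unconfined_home_dir_t",
               "/u01/home/chris/.bashrc": "unconfined_home_t"}
    print("base rules only: ", relabel(by_hand, parse_rules(BASE_RULES)))
    print("with local rules:", relabel(by_hand, parse_rules(BASE_RULES + LOCAL_RULES)))
```

With only the base rules every path under `/u01` falls through to the catch-all `default_t` rule, which matches the relabel result reported in the message.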




