[redhat-lspp] /home at SystemHigh

Linda Knippers linda.knippers at hp.com
Thu Feb 23 23:09:46 UTC 2006 

I changed /etc/selinux/mls/contexts/files/file_contexts.homedirs
from
/home          -d      system_u:object_r:home_root_t:s15:c0.c255
   to
/home           -d      system_u:object_r:home_root_t:s0

and relabeled my file system.

Now I can log in without the errors that Dan noted.  And I can
run useradd without errors.  What's a little weird is that the
home directory for the account I added has this context:

> $ ls -lZd /home/ljkmls4
> drwxr-xr-x  ljkmls4  ljkmls4  root:object_r:home_root_t:SystemLow /home/ljkmls4

Shouldn't it be user_u and user_home_t?  The files created inside the
home directory are are user_u and user_home_t.

BTW, I had first tried changing it to
/home           -d      system_u:object_r:home_root_t:s0:c0.c255
and running restorecon /home but I ended up with this:
> [root at kipper files]# restorecon /home
> file_contexts:  invalid context system_u:object_r:home_root_t:SystemLow:s0:c0,s0:c1,s0:c2,s0:c3,s0:c4,s0:c5,s0:c6,s0:c7,s0:c8,s0:c9,s0:c10,s0:c11,s0:c12,s0:c13,s0:c14,s0:c15,s0:c16,s0:c17,s0:c18,s0:c19,s0:c20,s0:c21,s0:c22,s0:c23,s0:c24,s0:c25,s0:c26,s0:c27,s0:c28,s0:c29,s0:c30,s0:c31,s0:c32,s0:c33,s0:c34,s0:c35,s0:c36,s0:c37,s0:c38,s0:c39,s0:c40,s0:c41,s0:c42,s0:c43,s0:c44,s0:c45,s0:c46,s0:c47,s0:c48,s0:c49,s0:c50,s0:c51,s0:c52,s0:c53,s0:c54,s0:c55,s0:c56,s0:c57,s0:c58,s0:c59,s0:c60,s0:c61,s0:c62,s0:c63,s0:c64,s0:c65,s0:c66,s0:c67,s0:c68,s0:c69,s0:c70,s0:c71,s0:c72,s0:c73,s0:c74,s0:c75,s0:c76,s0:c77,s0:c78,s0:c79,s0:c80,s0:c81,s0:c82,s0:c83,s0:c84,s0:c85,s0:c86,s0:c87,s0:c88,s0:c89,s0:c90,s0:c91,s0:c92,s0:c93,s0:c94,s0:c95,s0:c96,s0:c97,s0:c98,s0:c99,s0:c100,s0:c101,s0:c102,s0:c103,s0:c104,s0:c105,s0:c106,s0:c107,s0:c108,s0:c109,s0:c110,s0:c111,s0:c112,s0:c113,s0:c114,s0:c115,s0:c116,s0:c117,s0:c118,s0:c119,s0:c120,s0:c121,s0:c122,s0:c123,s0:c124,s0:c125,s0:c126,s0:c127,s0
:c128,s0:c129,s0:c130,s0:c131,s0:c132,s0:c133,s0:c134,s0:c135,s0:c136,s0:c137,s0:c138,s0:c139,s0:c140,s0:c141,s0:c142,s0:c143,s0:c144,s0:c145,s0:c146,s0:c147,s0:c148,s0:c149,s0:c150,s0:c151,s0:c152,s0:c153,s0:c154,s0:c155,s0:c156,s0:c157,s0:c158,s0:c159,s0:c160,s0:c161,s0:c162,s0:c163,s0:c164,s0:c165,s0:c166,s0:c167,s0:c168,s0:c169,s0:c170,s0:c171,s0:c172,s0:c173,s0:c174,s0:c175,s0:c176,s0:c177,s0:c178,s0:c179,s0:c180,s0:c181,s0:c182,s0:c183,s0:c184,s0:c185,s0:c186,s0:c187,s0:c188,s0:c189,s0:c190,s0:c191,s0:c192,s0:c193,s0:c194,s0:c195,s0:c196,s0:c197,s0:c198,s0:c199,s0:c200,s0:c201,s0:c202,s0:c203,s0:c204,s0:c205,s0:c206,s0:c207,s0:c208,s0:c209,s0:c210,s0:c211,s0:c212,s0:c213,s0:c214,s0:c215,s0:c216,s0:c217,s0:c218,s0:c219,s0:c220,s0:c221,s0:c222,s0:c223,s0:c224,s0:c225,s0:c226,s0:c227,s0:c228,s0:c229,s0:c230,s0:c231,s0:c232,s0:c233,s0:c234,s0:c235,s0:c236,s0:c237,s0:c238,s0:c239,s0:c240,s0:c241,s0:c242,s0:c243,s0:c244,s0:c245,s0:c246,s0:c247,s0:c248,s0:c249,s0:c250,s0:c251,
s0:c252,s0:c253,s0:c254,s0:c255
> matchpathcon(/home) failed Invalid argument

restorecon /home worked when I removed the compartments.

-- ljk

More information about the redhat-lspp mailing list