Bug 358901

Summary: anaconda traceback when creating a user with kickstart's "user" command
Product: [Fedora] Fedora Reporter: Will Woods <wwoods>
Component: anacondaAssignee: Anaconda Maintenance Team <anaconda-maint-list>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: rawhideCC: mitr
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: anaconda- Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-10-31 15:24:24 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 235703    
Description Flags
anaconda dump none

Description Will Woods 2007-10-30 15:06:05 EDT
My kickstart has the following line:

user --name=someuser --password=$1$BLAHBLAHPASSWORDHASH --iscrypted

which yields the following error/traceback from anaconda:

RuntimeError: couldn't determine security context for
`/mnt/sysimage/home/someuser': No such file or directory

the install does not complete and the system is left unbootable. Bummer.

anaconda dump is attached.
Comment 1 Will Woods 2007-10-30 15:06:05 EDT
Created attachment 243821 [details]
anaconda dump
Comment 2 Jeremy Katz 2007-10-30 15:35:58 EDT
This is caused by the changes to support setting the context of a homedir in
libuser.  The thing that makes it tricky is that we're working within a chroot
and selinux has no concept at all of chroots :-/
Comment 3 Miloslav Trma─Ź 2007-10-30 21:57:49 EDT
This is hardly a fault of SELinux, the user is created with
"/chroot/path/home/..." as a home directory by anaconda/libuser.  I'm afraid
there's only so much the workaround from #187373 can do.

A) If it is permissible to require that the installed system contains libuser,
   anaconda could chroot() to instPath, unset LIBUSER_CONF and either
   a) run luseradd, or
   b) use Python's libuser interface
B) Modify libuser to add a generic "chroot" parameter.
C) Add root= to libuser's admin.createHome and admin.addUser.

I'm leaning towards C); it is ugly, but less invasive than B) and it does not
require a working libc with a compatible NSS in the chroot.  I don't know about A).
Comment 4 Jeremy Katz 2007-10-31 00:22:22 EDT
Fixed with some chroot hackery in anaconda. 
Comment 5 Will Woods 2007-10-31 15:24:24 EDT
Works as expected with anaconda- (tested on ppc64)