Red Hat Bugzilla – Bug 1017402
ecryptfs-migrate-home still fails to restore proper SELinux labels
Last modified: 2014-01-03 18:25:01 EST
+++ This bug was initially created as a clone of Bug #712048 +++
In #712048 the SELinux policy was updated to allow ecryptfs-migrate-home to work. However, it seems that the utility itself was not updated to restore SELinux labels after migration.
In particular, after running on Fedora 19 and Fedora 20 Alpha
ecryptfs-migrate-home -u USER
the login for the USER does not decrypt the home folder and SELinux produces allerts like:
SELinux is preventing /usr/bin/login from getattr access on the file /home/.ecryptfs/igor/.ecryptfs/auto-mount.
SELinux is preventing /usr/bin/login from read access on the file Private.mnt.
To fix this I run restorecon -R -v /home.
After that I could login as USER and the home folder is decrypted.
This is with ecryptfs-utils-103-3.fc20.x86_64
For detailed test procedure see the original report in #712048#c0
AFAIK there was a patch for a shell script to run "semanage-fcontex -a -e .. .." together with restorecon.
(In reply to Miroslav Grepl from comment #1)
> AFAIK there was a patch for a shell script to run "semanage-fcontex -a -e ..
> .." together with restorecon.
It was and it is still there. I'll look at it.
ecryptfs-utils-103-4.fc20 has been submitted as an update for Fedora 20.
ecryptfs-utils-103-3.fc19 has been submitted as an update for Fedora 19.
* should fix your issue,
* was pushed to the Fedora 19 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing ecryptfs-utils-103-3.fc19'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
ecryptfs-utils-103-3.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
ecryptfs-utils-103-4.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.