Red Hat Bugzilla – Bug 123856
user home directory not labelled correctly with selinux install
Last modified: 2007-11-30 17:10:43 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040510
Description of problem:
The home directory for a user account created by first boot was not
SELinux labelled correctly. This prevented logging in (got message
that home directory did not exist) with selinux set to enforcing.
/home -> system_u:object_r:home_root_t
/home/tbl -> same (system_u:object_r:home_root_t)
/home/tbl/* -> same
/home/tbl should have been labelled system_u:object_r:user_home_dir_t
and the files /home/tbl/* should have been labelled
In this installation, /home is a mount point (/home->/dev/hdb2). All
partitions are of type ext3.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. install with selinux option set at install/boot prompt
2. (create partition for /home) (not sure this is important)
3. in firstboot, create user, eg. 'tbl'
4. on login prompt, login as user.
Actual Results: I got the following error popup:
Your home directory is listed as:
but it does not appear to exist. Do you want to log in with the
/ (root) directory as your home directory?
It is unlikely anything will work unless you use a failsafe
opting to use / as home directory fails miserably (as expected, I guess)
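The labelling check described in the report above, as an added example that is not part of the original bug report: it reads "path -> context" lines in the form the reporter used and flags each /home/<user> directory whose type is not user_home_dir_t. The sample listing is constructed, and /home/ok is a hypothetical correctly labelled account added for contrast.

```python
import posixpath

HOME_ROOT = "/home"                     # mount point named in the report
EXPECTED_DIR_TYPE = "user_home_dir_t"   # type the report expects on /home/<user>

# Constructed sample in the report's "path -> context" form.
SAMPLE = """\
/home -> system_u:object_r:home_root_t
/home/tbl -> system_u:object_r:home_root_t
/home/tbl/* -> system_u:object_r:home_root_t
/home/ok -> system_u:object_r:user_home_dir_t
"""

def context_type(context):
    """Return the type field of a user:role:type[:level] context."""
    fields = context.strip().split(":")
    if len(fields) < 3:
        raise ValueError(f"not an SELinux context: {context!r}")
    return fields[2]

def parse_listing(listing):
    """Map each normalised path in the listing to its context type."""
    types = {}
    for line in listing.splitlines():
        if "->" not in line:
            continue
        path, context = (part.strip() for part in line.split("->", 1))
        types[posixpath.normpath(path)] = context_type(context)
    return types

def mislabelled_homes(listing, home_root=HOME_ROOT):
    """Return (path, actual_type, inherited) for each direct child of
    home_root whose type differs from EXPECTED_DIR_TYPE. `inherited` is
    True when the directory carries the same type as home_root itself,
    which is the symptom shown in the report."""
    types = parse_listing(listing)
    root_type = types.get(home_root)
    bad = []
    for path, ctype in types.items():
        # Only /home/<user> is checked, not /home or anything deeper.
        if posixpath.dirname(path) != home_root:
            continue
        if ctype != EXPECTED_DIR_TYPE:
            bad.append((path, ctype, ctype == root_type))
    return bad

if __name__ == "__main__":
    for path, ctype, inherited in mislabelled_homes(SAMPLE):
        note = " (same type as the home root)" if inherited else ""
        print(f"{path}: type {ctype}, expected {EXPECTED_DIR_TYPE}{note}")
```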
Created attachment 100423
log file created by fixfiles restore
I experienced the same result for fresh installs of FC2 on several
machines. Neither root nor a non-root user created by firstboot
were able to login via gdm; I had to do a console login and run fixfiles
restore. I attached the log file from one of those runs above.
I think that libuser should be responsible for labelling the home
directory correctly, not the code in firstboot. Changing component to
useradd and libuser label the home directories exactly the same way
(they do nothing special). Logging in works for me in FC3t2, for
* added by useradd
* added by luseradd
* added by firstboot (using useradd)
* added by commented-out firstboot code (using libuser)