Red Hat Bugzilla – Bug 139433
SELinux FAQ - resultes of id -Z for root incorrect for targeted policy
Last modified: 2007-04-18 13:15:09 EDT
Description of change/FAQ addition. If a change, include the original
text first, then the changed text:
Under the targeted policy, the context of the root account is
different than in the examples in the FAQ. If the examples should
reflect the more common targeted policy, these should be changed.
Version-Release of FAQ (found on
*** Bug 142182 has been marked as a duplicate of this bug. ***
Added in 1.3-5, coming live Real Soon Now (TM).
## The Q/A
Q: How can I create a new Linux user account with the user's home directory
having the proper context?
A: You can create your new user with the standard useradd command, but first
you must become root with a context of sysadm_r. This context switch has been
incorporated into the su command and occurs automatically:
su - root
ls -Z /home
drwx------ auser auser root:object_r:user_home_dir_t /home/auser
The initial context for a new user directory has an identity of root. Subsequent
relabeling of the file system will change the identity to system_u. These are
functionally the same since the role and type are identical
## 30 ##