Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 433757 - useradd assignes incorrect SELinux type to /var/spool/mail/newuser
useradd assignes incorrect SELinux type to /var/spool/mail/newuser
Product: Fedora
Classification: Fedora
Component: shadow-utils (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: Peter Vrabec
Fedora Extras Quality Assurance
: SELinux
Depends On:
  Show dependency treegraph
Reported: 2008-02-21 05:22 EST by Stepan Kasal
Modified: 2008-03-03 10:07 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-03-03 10:07:45 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Patch to fix /var/spool/mail labeling and useradd -Z user_u dwalsh problem (1.24 KB, patch)
2008-02-21 10:05 EST, Daniel Walsh
no flags Details | Diff

  None (edit)
Description Stepan Kasal 2008-02-21 05:22:40 EST
Description of problem:
useradd creates an empty mail spool file, assigning it SELinux type user_home_t.
This can cause problems later, for example when logwatch visits /var/spool/mail
(this was the denial which actually triggered this bug report).

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. login as root
2. useradd sladek
3. ls -lZ /var/spool/mail/sladek

Actual type: user_home_t
Expected type: mail_spool_t
Comment 1 Daniel Walsh 2008-02-21 10:05:20 EST
Created attachment 295515 [details]
Patch to fix /var/spool/mail labeling and useradd -Z user_u dwalsh problem


We never reset the setfscreatecon to the default after creating the homedir. 
Also if you modify the default SELinux User, useradd execs semanage, but this
was happening before the uid was created so it was failing.  Needs to happen
after the UID is created.
Comment 2 Daniel Walsh 2008-02-21 10:06:07 EST
Sorry should have commented to Peter.

Comment 3 Peter Vrabec 2008-03-03 10:07:45 EST
fixed in shadow-utils-4.1.0-4.fc9,
thnx. Daniel

Note You need to log in before you can comment on or make changes to this bug.