Description of problem: I had a passwd entry that used /var/crash as its home directory, and a login shell of /bin/bash. I ended up getting a lot of message like this: /etc/selinux/targeted/contexts/files/file_contexts: Multiple same specifications for /var/lost\+found/.*. <dwalsh>genhomedircon labels the parent directory home_root_t and the child user_home_dir_t. <dwalsh> So /var -> home_root_t. crash user_home_dir_t <dwalsh> Confined domains are not allowed in users homedir. <dwalsh> useradd -d /var/dwalsh1 dwalsh1 <dwalsh> genhomedircon <dwalsh> matchpathcon /var/dwalsh1 <dwalsh> /etc/selinux/targeted/contexts/files/file_contexts: Multiple same specifications for /var/lost\+found/.*. <dwalsh> /etc/selinux/targeted/contexts/files/file_contexts: Multiple different specifications for /var (system_u:object_r:home_root_t:s0 and system_u:object_r:var_t:s0). <dwalsh> /etc/selinux/targeted/contexts/files/file_contexts: Multiple same specifications for /var/\.journal. <dwalsh> /etc/selinux/targeted/contexts/files/file_contexts: Multiple same specifications for /var/lost\+found. <dwalsh> /var/dwalsh1 system_u:object_r:user_home_dir_t:s0 <dwalsh> The genhomedircon should have complained and not added the entries. Version-Release number of selected component (if applicable): policycoreutils-2.0.49-10.fc9.x86_64
Fixed in libsemanage-2.0.25-3.fc9