SELinux/genhomedircon

GENHOMEDIRCON(8)                                             GENHOMEDIRCON(8)

NAME genhomedircon -  generate  file context configuration entries for user home directories

SYNOPSIS genhomedircon [ -d selinuxdir ] [-n |  --nopasswd]   [-t  selinuxtype  ] [-h]

OPTIONS -h    Print a short usage message

-d selinuxdir (--directory) Directory  where   selinux  files  are  installed  defaults  to /etc/selinux

-n --nopasswd Indicates to the utility not to read homedirectories out of the password database.

-t selinuxtype (--type) Indicates the  selinux type of this install. Defaults to "tar- geted".

DESCRIPTION This utility is used to generate file context configuration entries for user home  directories  based  on  their default roles and is run when building the  policy. It  can   also   be   run   when   ever   the /etc/selinux/<>/users/local.users file is changed Specifi- cally, we  replace  HOME_ROOT,  HOME_DIR,  and  ROLE  macros  in   the /etc/selinux/<>/contexts/files/homedir_template file with generic and user-specific values. local.users file. If a user has more than one role in local.users, genhomedircon uses the first role in the list.

If a user is not listed in local.users, genhomedircon assumes that the user's home  dir will be found in one of the HOME_ROOTs. When looking for these users, genhomedircon only considers real users. "Real" users (as opposed  to  system  users) are those whose UID is greater than or equal  STARTING_UID  (default  500)  and  whose  login  shell  is   not "/sbin/nologin", or "/bin/false".

Users who  are  explicitly  defined  in local.users, are always "real" (including root, in the default configuration).

AUTHOR This manual page was originally  written  by  Manoj  Srivastava  , for  the Debian GNU/Linux system, based on the com- ments and the code in the utility, and then updated by Dan Walsh of Red Hat. The genhomedircon utility was originally written by Dan Walsh of Red Hat with some modifications by Tresys Technology, LLC.

Security Enhanced Linux         January 2005                 GENHOMEDIRCON(8)