From: Daniel J Walsh <dwalsh@redhat.com>
To: jbrindle@tresys.com
Cc: selinux@tycho.nsa.gov, sds@tycho.nsa.gov, kmacmillan@mentalrootkit.com
Subject: Re: [patch 0/3] genhomedircon replacement in libsemanage
Date: Tue, 22 May 2007 13:23:22 -0400 [thread overview]
Message-ID: <4653270A.50308@redhat.com> (raw)
In-Reply-To: <20070521095414.832619201@tresys.com>
jbrindle@tresys.com wrote:
> This replaces genhomedircon with equivalent functionality in libsemanage. The homedir_template is also no longer installed, this leaves some unused path functions in libselinux but removing those would break the ABI.
>
> This does the same things that genhomedircon did though some seemed strange, like removing /sbin/nologin from the list of valid shells, presumably to keep ftp users and such from getting file contexts generated for them, I'm not sure how valid the assumption is but we didn't want to change the functionality of genhomedircon in this patch set.
>
> The first patch adds genhomedircon.c to libsemanage and calls it from the semanage_store.c and removes the prior call to genhomedircon.
>
genhomedircon goal in life was to find "login user accounts" and
generate appropriate file context for them. So we do not want any users
with UID < 500 or with invalid shells. /bin/nologin is not a valid
login shell. genhomedir command should be kept around even if it is
only front-ending libsemanage. Since an admin can add additional users
with homedirs in random locations. They could/should then run
genhomedircon to fix the file context file.
> The second patch is a set of tests for the new functions
>
> And the third patch removes the old genhomedircon script.
>
>
> Signed-Off-By: Joshua Brindle <jbrindle@tresys.com>
>
>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2007-05-22 17:23 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-05-21 9:54 [patch 0/3] genhomedircon replacement in libsemanage jbrindle
2007-05-21 9:54 ` [patch 1/3] libsemanage: genhomedircon replacement jbrindle
2007-05-22 21:08 ` Karl MacMillan
2007-05-24 14:04 ` Mark Goldman
2007-05-24 14:45 ` Karl MacMillan
2007-05-24 15:44 ` Daniel J Walsh
2007-05-24 19:20 ` Mark Goldman
2007-05-25 15:52 ` Karl MacMillan
2007-05-25 17:06 ` Joshua Brindle
2007-05-26 0:02 ` Karl MacMillan
2007-05-29 20:25 ` audit2allow module generation Anand Patel
2007-05-29 21:11 ` Karl MacMillan
2007-05-30 14:44 ` Anand Patel
2007-05-31 16:05 ` Karl MacMillan
2007-06-08 15:36 ` Karl MacMillan
2007-06-11 13:47 ` Anand Patel
2007-08-30 13:43 ` Anand Patel
2007-09-03 16:13 ` Karl MacMillan
2007-09-10 14:10 ` Anand Patel
2007-09-10 16:01 ` Karl MacMillan
2007-06-19 15:09 ` [patch 1/3] libsemanage: genhomedircon replacement Joshua Brindle
2007-06-21 16:29 ` Karl MacMillan
2007-06-21 16:49 ` Joshua Brindle
2007-06-21 18:04 ` Karl MacMillan
2007-06-21 18:09 ` Joshua Brindle
2007-06-21 18:18 ` Karl MacMillan
2007-06-21 18:25 ` Joshua Brindle
2007-06-21 18:35 ` Karl MacMillan
2007-06-21 20:54 ` Eamon Walsh
2007-06-22 11:50 ` Daniel J Walsh
2007-06-22 15:22 ` Karl MacMillan
2007-06-22 15:31 ` Joshua Brindle
2007-06-22 16:04 ` Karl MacMillan
2007-06-22 16:58 ` Eamon Walsh
2007-06-22 19:30 ` Karl MacMillan
2007-06-22 20:55 ` Eamon Walsh
2007-07-02 14:00 ` Joshua Brindle
2007-07-02 14:23 ` Karl MacMillan
2007-07-02 15:54 ` Joshua Brindle
2007-07-02 21:26 ` Joshua Brindle
2007-07-03 1:12 ` James Antill
2007-07-03 11:15 ` Can someone please assist me with selinux issue David Cottle
[not found] ` <1183464455.12218.243.camel@moss-spartans.epoch.ncs! c.mil>
2007-07-03 12:07 ` Stephen Smalley
2007-07-04 23:30 ` David Cottle
2007-07-05 12:33 ` Stephen Smalley
2007-07-12 19:03 ` Libsemanage dependency on version of Linux Hasan Rezaul-CHR010
2007-07-12 19:39 ` Stephen Smalley
2007-07-12 19:48 ` Hasan Rezaul-CHR010
2007-07-12 19:57 ` Stephen Smalley
2007-07-12 19:49 ` Stephen Smalley
2007-07-02 14:54 ` [patch 1/3] libsemanage: genhomedircon replacement James Antill
2007-06-22 20:00 ` James Antill
2007-05-24 15:05 ` Steve G
2007-05-24 15:27 ` Karl MacMillan
2007-05-24 16:00 ` James Antill
2007-05-25 14:22 ` Mark Goldman
2007-05-21 9:54 ` [patch 2/3] libsemanage: test functions jbrindle
2007-05-21 9:54 ` [patch 3/3] Remove legacy genhomedircon python script jbrindle
2007-05-22 17:23 ` Daniel J Walsh [this message]
2007-05-22 17:35 ` [patch 0/3] genhomedircon replacement in libsemanage Joshua Brindle
2007-05-22 21:10 ` Karl MacMillan
2007-05-22 21:11 ` Karl MacMillan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4653270A.50308@redhat.com \
--to=dwalsh@redhat.com \
--cc=jbrindle@tresys.com \
--cc=kmacmillan@mentalrootkit.com \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.