why does selinux context of /etc/shadow changes if NIS-user password is changed from NIS-client in Red Hat Enterprise Linux 7?

Solution In Progress - Updated -

Issue

  • Password change operation by the NIS-user from NIS-client changes the selinux context of the /etc/shadow on NIS-server
  • On NIS-server, before password change operation executed on NIS-client:
nis-server $ ls -lZ shadow
----------. root root system_u:object_r:shadow_t:s0    shadow
  • On NIS-client, nis-user changing password using passwd command.
nis-client ~ $ passwd
Changing password for user testuser.
Changing password for testuser
(current) UNIX password: 
New UNIX password: 
Retype new UNIX password: 
passwd: all authentication tokens updated successfully.
  • On NIS-server
ls -lZ shadow
----------. root root system_u:object_r:etc_t:s0       shadow

Environment

  • Red Hat Enterprise Linux 7
  • Both NIS-Master and NIS-client running on Red Hat Enterprise Linux 7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In