oddjob-mkhomedir cannot create home directories on a NFS when SELinux is enforcing
Issue
The oddjob fails to create new home directories on NFS with SELinux.
The following is logged:
type=AVC msg=audit(1348662490.879:21725): avc: denied { write } for pid=6319 comm="mkhomedir" name="" dev=0:16 ino=97 scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=dir
type=AVC msg=audit(1348662490.879:21725): avc: denied { add_name } for pid=6319 comm="mkhomedir" name="username" scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=dir
type=AVC msg=audit(1348662490.879:21725): avc: denied { create } for pid=6319 comm="mkhomedir" name="username" scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=dir
type=AVC msg=audit(1348662490.921:21726): avc: denied { setattr } for pid=6319 comm="mkhomedir" name="username" dev=0:16 ino=99 scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=dir
type=AVC msg=audit(1348662490.925:21727): avc: denied { create } for pid=6319 comm="mkhomedir" name=".kshrc" scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=file
type=AVC msg=audit(1348662490.925:21727): avc: denied { open } for pid=6319 comm="mkhomedir" name=".kshrc" dev=0:16 ino=100 scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=file
type=AVC msg=audit(1348662490.927:21728): avc: denied { setattr } for pid=6319 comm="mkhomedir" name=".kshrc" dev=0:16 ino=100 scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=file
Environment
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 8
- home directories on NFS
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
