Why does pam_oddjob_mkhomedir fail when running with SELINUX=enforcing?
Issue
When integrating with the Directory Server environment and using pam_oddjob_makehomedir.so
to have users home directories created upon first login, it was discovered that running with SELinux in enforcing mode prevented the creation of the home directories, leaving the users without a proper environment and dropped in the root filesystem. Further investigation led to a SELinux policy module that allowed this to work as normal.
Environment
- Red Hat Enterprise Linux 5.7 with all errata applied (or earlier)
- defined users (in LDAP, NIS or files) that do not have home directories created yet
- PAM configuration set up to use
pam_oddjob_mkhomedir.so
in thesession
section
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.