Why does pam_oddjob_mkhomedir fail when running with SELINUX=enforcing?

Solution Verified - Updated -

Issue

When integrating with the Directory Server environment and using pam_oddjob_makehomedir.so to have users home directories created upon first login, it was discovered that running with SELinux in enforcing mode prevented the creation of the home directories, leaving the users without a proper environment and dropped in the root filesystem. Further investigation led to a SELinux policy module that allowed this to work as normal.

Environment

  • Red Hat Enterprise Linux 5.7 with all errata applied (or earlier)
  • defined users (in LDAP, NIS or files) that do not have home directories created yet
  • PAM configuration set up to use pam_oddjob_mkhomedir.so in the session section

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content