[Pkg-shadow-devel] files with ACLs in skel dir
nicolas.francois at centraliens.net
Sat Aug 21 17:30:10 UTC 2010
On Tue, Apr 20, 2010 at 05:23:57PM +0200, pvrabec at redhat.com wrote:
> On Wednesday 31 March 2010 11:29:52 am Nicolas François wrote:
> > The patch also adds support for preserving extended attributes (which will
> > include preserving the SELinux extended attributes).
> > Is this a bad idea? I remember you sent me a patch for the SELinux support
> > in copy_tree(). This used to set the default SELinux file context before
> > files / directories were created. Does it conflict with copying the
> > extended attributes?
> I'm afraid there is a conflict. The reason is simple. Files in /etc/skell have
> different selinux context then files in /home/$user. I'll write to Dan Walsh and
> ask him about his opinion. But at this moment I don't recommend using support
> for preserving extended attributes.
I will add the attached patch to make sure that useradd only resets the
selinux context and do not copy the extended attributes when /etc/skel is
usermod will still copy the extended attributes when a home directory is
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 8576 bytes
Desc: not available
More information about the Pkg-shadow-devel