[Pkg-shadow-devel] files with ACLs in skel dir
Nicolas François
nicolas.francois at centraliens.net
Sat Aug 21 17:30:10 UTC 2010
Hello,
On Tue, Apr 20, 2010 at 05:23:57PM +0200, pvrabec at redhat.com wrote:
>
> On Wednesday 31 March 2010 11:29:52 am Nicolas François wrote:
>
> > The patch also adds support for preserving extended attributes (which will
> > include preserving the SELinux extended attributes).
> > Is this a bad idea? I remember you sent me a patch for the SELinux support
> > in copy_tree(). This used to set the default SELinux file context before
> > files / directories were created. Does it conflict with copying the
> > extended attributes?
>
> I'm afraid there is a conflict. The reason is simple. Files in /etc/skell have
> different selinux context then files in /home/$user. I'll write to Dan Walsh and
> ask him about his opinion. But at this moment I don't recommend using support
> for preserving extended attributes.
I will add the attached patch to make sure that useradd only resets the
selinux context and do not copy the extended attributes when /etc/skel is
copied.
usermod will still copy the extended attributes when a home directory is
copied.
Best Regards,
--
Nekral
-------------- next part --------------
A non-text attachment was scrubbed...
Name: shadow.diff
Type: text/x-diff
Size: 8576 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20100821/9e05382f/attachment.diff>
More information about the Pkg-shadow-devel
mailing list