Set selinux context

diff --git a/useradmin/CHANGELOG b/useradmin/CHANGELOG
index 0af4276..b6bdde1 100644 (file)
--- a/useradmin/CHANGELOG
+++ b/useradmin/CHANGELOG
@@ -59,3 +59,4 @@ Converted commands in the module's API file to POD format, and added more detail
 ---- Changes since 1.470 ----
 Fixed a bug that caused an empty shell to appear in the shells list for new users.
 Fixed the hashing format for Blowfish passwords, to put $2a$ at the start instead of $2$.
+On Linux systems with SElinux enabled, the context user_u:object_r:user_home_dir_t is set on new home directories by default.

diff --git a/useradmin/config-cobalt-linux b/useradmin/config-cobalt-linux
index b9f1aee..f2b9dc8 100644 (file)
--- a/useradmin/config-cobalt-linux
+++ b/useradmin/config-cobalt-linux
@@ -40,3 +40,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-coherent-linux b/useradmin/config-coherent-linux
index 802e773..166aab3 100644 (file)
--- a/useradmin/config-coherent-linux
+++ b/useradmin/config-coherent-linux
@@ -39,3 +39,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-corel-linux b/useradmin/config-corel-linux
index e918c32..876a908 100644 (file)
--- a/useradmin/config-corel-linux
+++ b/useradmin/config-corel-linux
@@ -39,3 +39,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-debian-linux b/useradmin/config-debian-linux
index e918c32..876a908 100644 (file)
--- a/useradmin/config-debian-linux
+++ b/useradmin/config-debian-linux
@@ -39,3 +39,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-generic-linux b/useradmin/config-generic-linux
index eab3372..9f13ec8 100644 (file)
--- a/useradmin/config-generic-linux
+++ b/useradmin/config-generic-linux
@@ -40,3 +40,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-gentoo-linux b/useradmin/config-gentoo-linux
index dd82cff..24bf3e5 100644 (file)
--- a/useradmin/config-gentoo-linux
+++ b/useradmin/config-gentoo-linux
@@ -38,3 +38,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-mandrake-linux b/useradmin/config-mandrake-linux
index 0c46b4e..f3b7441 100644 (file)
--- a/useradmin/config-mandrake-linux
+++ b/useradmin/config-mandrake-linux
@@ -39,3 +39,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-msc-linux b/useradmin/config-msc-linux
index 802e773..166aab3 100644 (file)
--- a/useradmin/config-msc-linux
+++ b/useradmin/config-msc-linux
@@ -39,3 +39,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-open-linux b/useradmin/config-open-linux
index 92af507..94d60d4 100644 (file)
--- a/useradmin/config-open-linux
+++ b/useradmin/config-open-linux
@@ -41,3 +41,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-openmamba-linux b/useradmin/config-openmamba-linux
index 802e773..166aab3 100644 (file)
--- a/useradmin/config-openmamba-linux
+++ b/useradmin/config-openmamba-linux
@@ -39,3 +39,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-redhat-linux b/useradmin/config-redhat-linux
index 802e773..166aab3 100644 (file)
--- a/useradmin/config-redhat-linux
+++ b/useradmin/config-redhat-linux
@@ -39,3 +39,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-slackware-linux b/useradmin/config-slackware-linux
index e8c386f..2949cfc 100644 (file)
--- a/useradmin/config-slackware-linux
+++ b/useradmin/config-slackware-linux
@@ -39,3 +39,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-sol-linux b/useradmin/config-sol-linux
index 8c8bcc6..443b839 100644 (file)
--- a/useradmin/config-sol-linux
+++ b/useradmin/config-sol-linux
@@ -39,3 +39,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-suse-linux b/useradmin/config-suse-linux
index eab3372..9f13ec8 100644 (file)
--- a/useradmin/config-suse-linux
+++ b/useradmin/config-suse-linux
@@ -40,3 +40,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-suse-linux-9.0-* b/useradmin/config-suse-linux-9.0-*
index c1b713a..364d164 100644 (file)
--- a/useradmin/config-suse-linux-9.0-*
+++ b/useradmin/config-suse-linux-9.0-*
@@ -41,3 +41,4 @@ nscd_restart=/etc/rc.d/nscd restart
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-trustix-linux b/useradmin/config-trustix-linux
index 802e773..166aab3 100644 (file)
--- a/useradmin/config-trustix-linux
+++ b/useradmin/config-trustix-linux
@@ -39,3 +39,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-turbo-linux b/useradmin/config-turbo-linux
index eab3372..9f13ec8 100644 (file)
--- a/useradmin/config-turbo-linux
+++ b/useradmin/config-turbo-linux
@@ -40,3 +40,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config-united-linux b/useradmin/config-united-linux
index eab3372..9f13ec8 100644 (file)
--- a/useradmin/config-united-linux
+++ b/useradmin/config-united-linux
@@ -40,3 +40,4 @@ last_show=0
 config-aix
 passwd_progmode=0
 membox=0
+selinux_con=user_u:object_r:user_home_dir_t

diff --git a/useradmin/config.info b/useradmin/config.info
index d45d2f4..2863378 100644 (file)
--- a/useradmin/config.info
+++ b/useradmin/config.info
@@ -4,6 +4,7 @@ user_files=Copy files into new home directories from,9,40,3
 home_base=Automatic home directory base,3,Not set
 real_base=Real home directory base,3,Same as above
 home_style=Automatic home directory style,4,0-home/username,1-home/u/username,2-home/u/us/username,3-home/u/s/username,4-Just base directory,5-home/primary_group/username
+selinux_con=SElinux context for new home directories,3,None
 
 line2=New user options,11
 base_uid=Lowest UID for new users,0,5

diff --git a/useradmin/user-lib.pl b/useradmin/user-lib.pl
index 67b1b34..364639c 100644 (file)
--- a/useradmin/user-lib.pl
+++ b/useradmin/user-lib.pl
@@ -2527,6 +2527,10 @@ $home ||= $user->{'home'};
 &set_ownership_permissions($user->{'uid'}, $user->{'gid'},
                           oct($config{'homedir_perms'}), $home) ||
        &error(&text('usave_echmod', $!));
+if ($config{'selinux_con'} && &is_selinux_enabled() && &has_command("chcon")) {
+       &system_logged("chcon ".quotemeta($config{'selinux_con'}).
+                      " ".quotemeta($home)." >/dev/null 2>&1");
+       }
 &unlock_file($home);
 }