1GENHOMEDIRCON(8) GENHOMEDIRCON(8)
2
6 genhomedircon - generate SELinux file context configuration entries for
7 user home directories
8
10 genhomedircon [ -d selinuxdir ] [-n | --nopasswd] [-t selinuxtype ]
11 [-h]
12
15 -h Print a short usage message
16 -d selinuxdir (--directory)
18 Directory where selinux files are installed defaults to
19 /etc/selinux
20 -n --nopasswd
22 Indicates to the utility not to read homedirectories out of the
23 password database.
24 -t selinuxtype (--type)
26 Indicates the selinux type of this install. Defaults to "tar‐
27 geted".
28
30 This utility is used to generate file context configuration entries for
31 user home directories based on their prefix entry in the the semanage
32 user record. genhomedircon is run when building the policy. It is also
33 run automaticaly when ever the semanage utility modifies user or login
34 records. Specifically, we replace HOME_ROOT, HOME_DIR, and ROLE macros
35 in the /etc/selinux/<<SELINUXTYPE>>/contexts/files/homedir_template
36 file with generic and user-specific values. HOME_ROOT and HOME_DIR is
37 replaced with each distinct location where login users homedirectories
38 are located. Defaults to /home. ROLE is replaced based on the prefix
39 entry in the user record.
40 genhomedircon searches through all password entires for all "login"
42 user home directories, (as opposed to system users). Login users are
43 those whose UID is greater than or equal STARTING_UID (default 500) and
44 whose login shell is not "/sbin/nologin", or "/bin/false".
45
47 This manual page was originally written by Manoj Srivastava <sri‐
48 vasta@debian.org>, for the Debian GNU/Linux system, based on the com‐
49 ments and the code in the utility, and then updated by Dan Walsh of Red
50 Hat. The genhomedircon utility was originally written by Dan Walsh of
51 Red Hat with some modifications by Tresys Technology, LLC.
52Security Enhanced Linux January 2005 GENHOMEDIRCON(8)