Home directories created with wrong Selinux context
Adding to this question for future people who may come across it. If you are putting home directories on an NFS share, you will need to set the correct SELinux context. Assuming your nfs home directory is /nfshome, do the following:
[root@host /]# semanage fcontext -a -e /home /nfshome [root@host /]# restorecon -vR /nfshome
In the case of user's $HOME
directories, usually in /home/$USER
, you don't need to use chcon
, which changes the security context of files and directories, in the sense of diverting them from the policy, and, for what is worth, won't survive a system relabel. Rather, you need to find out what is the expected security context of the directories:
# matchpathcon /home/ujjain
# matchpathcon /home/johndoe
And if the context doesn't match the output of ls -lrtZ
, restore the context:
# restorecon -v /home/ujjain
# restorecon -v /home/johndoe
Note that restorecon
can be used recursively -R
.
Regarding your question, the reason why this directories have a wrong label depends on the procedure used to create them (which you didn't specify) and the location of the /home
directory (local filesystem vs. NFS, for example)