genhomedircon - Man Page

generate SELinux file context configuration entries for user home directories

Description

genhomedircon is a script that executes semodule to rebuild the currently active SELinux policy (without reloading it) and to create the labels for each user home directory based on directory paths returned by calls to getpwent().

The latter functionality depends on the "usepasswd" parameter being set to "true" (default) in /etc/selinux/semanage.conf.

This script is usually executed by semanage although this default behavior can be optionally modified by setting to "true" the "disable-genhomedircon" in /etc/selinux/semanage.conf.

Directories can be excluded from the list of home directories by the setting "ignoredirs" in /etc/selinux/semanage.conf.

Author

This manual page was written by Dan Walsh <dwalsh@redhat.com>

See Also

semanage.conf(5), semodule(8), semanage(8), getpwent(3), getpwent_r(3)

Referenced By

selabel_file(5).

Sep 2011 Security Enhanced Linux SELinux