From f0eb192096e3c06dad10dcb0737ab3434f3ce655 Mon Sep 17 00:00:00 2001
From: Vit Mojzis <vmojzis@redhat.com>
Date: Fri, 30 Oct 2020 17:42:17 +0100
Subject: [PATCH] libsemanage/genhomedircon: check usepasswd
Only add user homedir contexts when usepasswd = True
Resolves:
# grep usepasswd /etc/selinux/semanage.conf
usepasswd=False
# useradd -Z unconfined_u -d /tmp test
# matchpathcon /tmp
/tmp unconfined_u:object_r:user_home_dir_t:s0
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
(cherry-picked from SElinuxProject
commit ce46daab7cc90a6b9cd3bff9f99cf40ff19c3d9a)
Resolves: rhbz#1871786
---
libsemanage/src/genhomedircon.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c
index e5f8d371..1298bc77 100644
--- a/libsemanage/src/genhomedircon.c
+++ b/libsemanage/src/genhomedircon.c
@@ -1330,7 +1330,7 @@ static int write_context_file(genhomedircon_settings_t * s, FILE * out)
s->fallback->home = NULL;
}
}
- if (user_context_tpl || username_context_tpl) {
+ if ((s->usepasswd) && (user_context_tpl || username_context_tpl)) {
if (write_username_context(s, out, username_context_tpl,
s->fallback) != STATUS_SUCCESS) {
retval = STATUS_ERR;
--
2.28.0