Hi all,
I just installed a CentOS 5 machine from Kickstart. I configured NSS and PAM to look up and authenticate users from LDAP with authconfig. On my LDAP I also have some automount configuration, but I'm not running automount on this server. SELinux is installed and enforcing.
Whenever I try to install an RPM (and on other occasions during boot) I see these messages:
# rpm -Uvh ... .rpm
/etc/selinux/targeted/contexts/files/file_contexts: Multiple same specifications for /usr/local/lost+found/.*.
/etc/selinux/targeted/contexts/files/file_contexts: Multiple same specifications for /usr/local/.journal.
/etc/selinux/targeted/contexts/files/file_contexts: Multiple same specifications for /usr/local/lost+found.
The RPM installs fine, I guess those are just warnings. (Actually, /usr/local is practically empty, and there are no lost+found or .journal there, so I guess those are really innocuous.)
I dug in deeper and I found out that the source of the problem is most probably in this file: /etc/selinux/targeted/contexts/files/file_contexts.homedirs
Among its contents are these lines:
/usr/local/[^/]*/.+ user_u:object_r:user_home_t:s0
/usr/local/[^/]*/.*/plugins/nprhapengine.so.* -- user_u:object_r:textrel_shlib_t:s0
/usr/local/[^/]*/.*/plugins/libflashplayer.so.* -- user_u:object_r:textrel_shlib_t:s0
/usr/local/[^/]*/((www)|(web)|(public_html))(/.+)? user_u:object_r:httpd_user_content_t:s0
/usr/local/[^/]*/.mozilla(/.*)?/plugins/libflashplayer.so.* -- user_u:object_r:textrel_shlib_t:s0
/usr/local/[^/]* -d user_u:object_r:user_home_dir_t:s0
/usr/local/lost+found/.* <<none>>
/usr/local -d system_u:object_r:home_root_t:s0
/usr/local/.journal <<none>>
/usr/local/lost+found -d system_u:object_r:lost_found_t:s0
I saw that /home and /root are there, since they are really home directories. But /usr/local shouldn't be there! And there's a fourth directory there, which is based on the name of our NFS fileserver:
/colossus/users/[^/]*/.+ user_u:object_r:user_home_t:s0
/colossus/users/[^/]*/.*/plugins/nprhapengine.so.* -- user_u:object_r:textrel_shlib_t:s0
/colossus/users/[^/]*/.*/plugins/libflashplayer.so.* -- user_u:object_r:textrel_shlib_t:s0
/colossus/users/[^/]*/((www)|(web)|(public_html))(/.+)? user_u:object_r:httpd_user_content_t:s0
/colossus/users/[^/]*/.mozilla(/.*)?/plugins/libflashplayer.so.* -- user_u:object_r:textrel_shlib_t:s0
/colossus/users/[^/]* -d user_u:object_r:user_home_dir_t:s0
/colossus/users/lost+found/.* <<none>>
/colossus/users -d system_u:object_r:home_root_t:s0
/colossus/users/.journal <<none>>
/colossus/users/lost+found -d system_u:object_r:lost_found_t:s0
I tried to edit the file to remove the offending entries, but after I installed another RPM I saw that the file was regenerated with the other entries.
So, I would like to know: Where is this coming from? How is this file being generated? What's the command that generates it? Which command (semanage?) apart from rpm can I use to reproduce and test the problem? (In other words, another command that won't install or change anything on the system but check the integrity of this file.) How can I tweak or control the way this file is generated?
Thanks a lot!
Filipe
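Added example, not part of the original post: a read-only Python check that parses file_contexts-style entries and reports specifications that appear more than once, as the warnings quoted above do. The BASE lines are a constructed sample, and the duplicate rule (identical regex string, file-type fields equal or one absent) is an assumption of this example.

```python
"""Read-only duplicate check for SELinux file_contexts-style entries."""

# /usr/local entries as quoted in the post (file_contexts.homedirs), shortened.
HOMEDIRS = """\
/usr/local/[^/]*/.+ user_u:object_r:user_home_t:s0
/usr/local/[^/]* -d user_u:object_r:user_home_dir_t:s0
/usr/local/lost+found/.* <<none>>
/usr/local -d system_u:object_r:home_root_t:s0
/usr/local/.journal <<none>>
/usr/local/lost+found -d system_u:object_r:lost_found_t:s0
"""

# Constructed sample standing in for the base file_contexts (not from the post).
BASE = """\
/usr/local/lost+found/.* <<none>>
/usr/local/.journal <<none>>
/usr/local/lost+found -d system_u:object_r:lost_found_t:s0
"""

def parse(text, source):
    """Yield (regex, file_type, context, source) for every entry line."""
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or fields[0].startswith("#"):
            continue
        if len(fields) not in (2, 3):
            raise ValueError(f"{source}: malformed entry: {raw!r}")
        # The optional middle field is the file type, e.g. "-d" or "--".
        ftype = fields[1] if len(fields) == 3 else None
        yield fields[0], ftype, fields[-1], source

def find_duplicates(entries):
    """Return (kind, regex, (source_a, source_b)) for each clashing pair."""
    entries = list(entries)
    found = []
    for i, (rx_a, ft_a, ctx_a, src_a) in enumerate(entries):
        for rx_b, ft_b, ctx_b, src_b in entries[i + 1:]:
            if rx_a != rx_b:
                continue
            if ft_a and ft_b and ft_a != ft_b:
                continue  # same regex but different file types: no clash
            kind = "same" if ctx_a == ctx_b else "different"
            found.append((kind, rx_a, (src_a, src_b)))
    return found

if __name__ == "__main__":
    merged = list(parse(BASE, "file_contexts")) + list(parse(HOMEDIRS, "file_contexts.homedirs"))
    for kind, regex, sources in find_duplicates(merged):
        print(f"Multiple {kind} specifications for {regex} ({' / '.join(sources)})")
```

To run it against a real system, replace the two inline strings with the contents of file_contexts and file_contexts.homedirs; the script only reads its input.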