I have a RedHat 7 server which is hooked up to LDAP and is supposed to create home folders automatically. In line with the RedHat recommendation, I use pam_oddjob_mkhomedir.so. Everything works fine if the user has never logged in to the system.
The problem occurs if the home folder has been deleted (home folders are treated as scratch areas on this system). After deletion, home folders are not re-created and the user is welcomed with
Could not chdir to home directory /home/users/username: No such file or directory
Can somebody shed some light on this?
UPDATE: I found that SELinux is causing this. Everything works fine if SELinux is in permissive mode. I don't want to disable SELinux, I would appreciate any help in configuring it correctly.
ANOTHER UPDATE:
Found some relevant logs in /var/log/audit/audit.log
type=AVC msg=audit(1493820202.276:178): avc: denied { add_name } for pid=2631 comm="mkhomedir" name="robot" scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=dir
type=AVC msg=audit(1493820202.276:178): avc: denied { create } for pid=2631 comm="mkhomedir" name="robot" scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=dir
type=AVC msg=audit(1493820202.276:179): avc: denied { setattr } for pid=2631 comm="mkhomedir" name="robot" dev="0:41" ino=53873787 scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=dir
type=AVC msg=audit(1493820202.277:180): avc: denied { write open } for pid=2631 comm="mkhomedir" path="/nfs-server/host1/home/users/robot/.bash_logout" dev="0:41" ino=53873788 scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=file
0 Answers
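An added example, not part of the question above: a POSIX shell snippet that condenses AVC records like the ones in the update into one line per denial (source domain, target type, object class, denied permissions), so the pattern in these logs, the oddjob_mkhomedir_t domain being denied on nfs_t, can be read off directly. The sample input reuses the post's own AVC lines plus one constructed SYSCALL record to show that non-AVC records are ignored.

```sh
#!/bin/sh
# Added example (not from the original post): summarise SELinux AVC denials from an
# audit.log excerpt. Sample below: the post's three AVC records plus one constructed
# SYSCALL record of the kind that normally accompanies an AVC denial.
AVC_SAMPLE='type=AVC msg=audit(1493820202.276:178): avc: denied { add_name } for pid=2631 comm="mkhomedir" name="robot" scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=dir
type=AVC msg=audit(1493820202.276:178): avc: denied { create } for pid=2631 comm="mkhomedir" name="robot" scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=dir
type=SYSCALL msg=audit(1493820202.276:178): arch=c000003e syscall=83 success=no exit=-13 comm="mkhomedir" subj=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023
type=AVC msg=audit(1493820202.277:180): avc: denied { write open } for pid=2631 comm="mkhomedir" path="/nfs-server/host1/home/users/robot/.bash_logout" dev="0:41" ino=53873788 scontext=system_u:system_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=system_u:object_r:nfs_t:s0 tclass=file'

# summarize_avc: read audit records on stdin and print, for every AVC denial,
#   <source type> <target type> <object class> <perm[,perm...]>
# Records that are not AVC denials (SYSCALL, USER_AUTH, "granted" AVCs) are skipped.
summarize_avc() {
    awk '
        # ctx_type: the SELinux type is the third colon-separated field of
        # scontext=user:role:type:level / tcontext=user:role:type:level
        function ctx_type(line, key,    ctx, parts) {
            if (!match(line, key "=[^ ]+")) return "?"
            ctx = substr(line, RSTART + length(key) + 1, RLENGTH - length(key) - 1)
            split(ctx, parts, ":")
            return parts[3]
        }
        /^type=AVC / && /avc: *denied/ {
            perms = ""
            if (match($0, /\{[^}]*\}/)) {
                perms = substr($0, RSTART + 1, RLENGTH - 2)   # strip the braces
                gsub(/^ +| +$/, "", perms)                     # trim padding
                gsub(/ +/, ",", perms)                         # "write open" -> "write,open"
            }
            cls = ""
            if (match($0, /tclass=[^ ]+/)) cls = substr($0, RSTART + 7, RLENGTH - 7)
            print ctx_type($0, "scontext"), ctx_type($0, "tcontext"), cls, perms
        }'
}

# count_denials_on: number of AVC denials whose target object has SELinux type $1
count_denials_on() {
    summarize_avc | awk -v t="$1" '$2 == t { n++ } END { print n + 0 }'
}

printf '%s\n' "$AVC_SAMPLE" | summarize_avc
printf 'denials on nfs_t: %s\n' "$(printf '%s\n' "$AVC_SAMPLE" | count_denials_on nfs_t)"
```

When every denial targets nfs_t, the relevant knob in the RHEL 7 targeted policy is the use_nfs_home_dirs boolean (getsebool use_nfs_home_dirs shows its current state); the same summary on a live audit.log tells you whether that is the only target type involved.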