Ce contenu n'est pas disponible dans la langue sélectionnée.
Chapter 6. Enabling Custom Home Directories Using authconfig
If LDAP users have home directories that are not in
/home and the system is configured to create home directories the first time users log in, then these directories are created with the wrong permissions.
- Apply the correct SELinux context and permissions from the
/homedirectory to the home directory that is created on the local system. For example:[root@server ~]# semanage fcontext -a -e /home /home/locale
- Install the
oddjob-mkhomedirpackage on the system.This package provides thepam_oddjob_mkhomedir.solibrary, which theauthconfigcommand uses to create home directories. Thepam_oddjob_mkhomedir.solibrary, unlike the defaultpam_mkhomedir.solibrary, can create SELinux labels.Theauthconfigcommand automatically uses thepam_oddjob_mkhomedir.solibrary if it is available. Otherwise, it will default to usingpam_mkhomedir.so. - Make sure the
oddjobdservice is running. - Run the
authconfigcommand and enable home directories. In the command line, this is done through the--enablemkhomediroption.[root@server ~]# authconfig --enablemkhomedir --update
In the UI, there is an option in the Advanced Options tab (Create home directories on the first login) to create a home directory automatically the first time that a user logs in.
Figure 6.1. Home Directory Option
This option is beneficial with accounts that are managed centrally, such as with LDAP. However, this option should not be selected if a system like automount is used to manage user home directories.
If home directories were created before the home directory configuration was changed, then correct the permissions and SELinux contexts. For example:
[root@server ~]# semanage fcontext -a -e /home /home/locale # restorecon -R -v /home/locale
