Hi all, I’m configuring a set of login nodes with home directories in GPFS (but not on /home), with SElinux in enforcing mode and auto creation of home directory (via PAM). I’ve been able to partially achieve my target, by basically running the two following commands:
semanage fcontext -a -e /home /das/home restorecon -v /das/home After having done this on one node, the context on the directory is the expected one (system_u:object_r:home_root_t:s0). And everything works as expected (a new user logs in and his directory is created). But on all the other nodes of the cluster still the old context is shown (system_u:object_r:unlabeled_t:s0). Unless I run the restorecon on them too. Furthermore, since the filesystem is a remote-cluster mount, on all the nodes on the central (storage) cluster, the corrent (home_root_t) context is shown. I was expecting the SElinux context to be stored in the inodes, but now the situation looks mixed and I’m puzzled. In case it can help, the login nodes are RHEL 7.7 with Spectrum Scale 5.0.4. The storage is RHEL 7.6 with 5.0.3. Does someone have any experience/idea? Thanks, __________________________________________ Paul Scherrer Institut Ivano Talamo WHGA/038 Forschungsstrasse 111 5232 Villigen PSI Schweiz Telefon: +41 56 310 47 71 E-Mail: [email protected] _______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss
