From: dwalsh@redhat.com (Daniel J Walsh)
Date: Tue, 09 Mar 2010 16:03:06 -0500
Subject: [refpolicy] what to do: libsemanage.get_home_dirs:
In-Reply-To: <dd18b0c31003091001n5b5ab089g3829823e256ae86e@mail.gmail.com>
References: <dd18b0c31003091001n5b5ab089g3829823e256ae86e@mail.gmail.com>
Message-ID: <4B96B78A.4020801@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 03/09/2010 01:01 PM, Justin Mattock wrote:
> with the latest policy on open suse 11.2
> I'm seeing this after building the policy:
> libsemanage.get_home_dirs: nobody homedir /var/lib/nobody or its
> parent directory conflicts with a file context already specified in
> the policy.  This usually indicates an incorrectly defined system
> account.  If it is a system account please make sure its uid is less
> than 1000 or its login shell is /sbin/nologin.
>
> with using an older policy on this system, I never saw this.
>
> what to do?
>
>    
/var/lib/nobody record in /etc/passwd needs to have a shell of 
/bin/false or /sbin/nologin or a UID < 500.