Directory where selinux files are installed defaults to /etc/selinux
-n --nopasswd
Indicates to the utility not to read homedirectories out of the password database.
-t selinuxtype (--type)
Indicates the selinux type of this install. Defaults to "targeted".
DESCRIPTION
This utility is used to generate file context configuration entries for
user home directories based on their default roles and is run when building
the policy. It can also be run when ever the
/etc/selinux/<<SELINUXTYPE>>/users/local.users file is changed
Specifically, we replace HOME_ROOT, HOME_DIR, and ROLE macros in the
/etc/selinux/<<SELINUXTYPE>>/contexts/files/homedir_template file with generic and user-specific values.
local.users file. If a user has more than one role in
local.users, genhomedircon uses the first role in the list.
If a user is not listed in
local.users, genhomedircon assumes that the user's home dir will be found in one of the
HOME_ROOTs.
When looking for these users,
genhomedircon only considers real users. "Real" users (as opposed
to system users) are those whose UID is greater than or equal
STARTING_UID (default 500) and whose login shell is not "/sbin/nologin", or
"/bin/false".
Users who are explicitly defined in
local.users, are always "real" (including root, in the default configuration).
AUTHOR
This manual page was originally written by
Manoj Srivastava <srivasta@debian.org>, for the Debian GNU/Linux system, based on the comments and the code
in the utility, and then updated by Dan Walsh of Red Hat. The
genhomedircon utility was originally written by
Dan Walsh of Red Hat with some modifications by
Tresys Technology, LLC.
