Comment 0 for bug 347540

Binary package hint: passwd

Ubuntu version: Hardy
passwd version: 4.0.18.2

Steps to reproduce:
Install selinux
apt-get install selinux

Create user with non-default selinux user login mapping
useradd -m -G admin adminuser
passwd adminuser
semanage login -a -s root adminuser

Login as adminuser and create a user
sudo useradd -m testuser

View the SELinux label assigned to testuser's home directory
ls -Z /home/testuser

Expected behavior:
The directory /home/testuser should be labeled
unconfined_u:object_r:user_home_dir_t:s0.

Actual behavior:
The directory /home/testuser is labeled
root:object_r:user_home_dir_t:s0.

This is not a problem unless UBAC is enabled in SELinux policy. If it
were enabled, testuser would not be able to create any files in his/her
home directory.

Attached is a copy of the patch used in Fedora 11's shadow-utils-4.1.2-11.fc11 that
has been modified to apply last in the series of patches in the version
of passwd listed above. The patch also adds the -Z option to
useradd/usermod, which allows the SELinux user associated with a user to
be set when the user is created.