Problem: every time a user logs in, they get “Could not chdir to home directory….Permission denied” error, although they can login to the system and change to their home directories without any problem.
Cause in this particular case: The system had a separate LVM partition for /home, and the partition crashed at one point, and was gone for good. I had to create a new LVM for the /home directory, and apparently SELinux doesn’t seem to like the security context as shown below.
-See the error below
[daniel@danasmera.com ~]$ ssh daniel@localhost daniel@localhost's password: Last login: Wed Dec 11 09:48:56 2013 from localhost.localdomain Could not chdir to home directory /home/daniel: Permission denied
-No login or changing to home directory issue here.
[daniel@danasmera.com /]$ cd /home/daniel/ [daniel@danasmera.com ~]$ pwd /home/daniel
-SELinux is enabled and in enforcing mode
[daniel@danasmera.com ~]$ sudo sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: enforcing Mode from config file: enforcing Policy version: 24 Policy from config file: targeted
-Let us set SELinux into permissive mode to see if that is the cause.
[root@danasmera.com ~]# setenforce 0 [root@danasmera.com ~]# sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: permissive Mode from config file: enforcing Policy version: 24 Policy from config file: targeted [daniel@danasmera.com ~]$ ssh daniel@localhost daniel@localhost's password: Last login: Wed Dec 11 09:50:11 2013 from localhost.localdomain
(No error message anymore!)..Now let us try to resolve the SELinux issue
-Let us display the security context for home
[root@danasmera.com ~]# ls -dZ /home drwxr-xr-x. root root system_u:object_r:file_t:s0 /home
-Time to restore to default SELinux security context
[root@danasmera.com ~]# restorecon -v /home restorecon reset /home context system_u:object_r:file_t:s0->system_u:object_r:home_root_t:s0
-Let us enable SELinux
[root@danasmera.com ~]# setenforce 1
-Error message disappears!
[daniel@danasmera.com ~]$ ssh daniel@localhost daniel@localhost's password: Last login: Wed Dec 11 09:52:11 2013 from localhost.localdomain
View all posts in this blog – https://linuxfreelancer.com/all-posts