Thursday, June 26, 2008

Could not chdir to home directory /home/xxx

I recently installed Fedora 9 x86_64 on my home machine. This is the first time that I've run the 64 bit version. I didn't disable SELinux this time either.

I've got most things working well on the machine. The most annoying issue that I've had is when I used ssh to access my machine from somewhere else. Everytime that I logged in I would get the the following message and get dumped to the / directory.

Could not chdir to home directory /home/xxx: Permission denied

I could type cd and it would take me to my home directory. I could read files in those directories. Looking around I found that others were having problems but usually it was a pam problem or something else related to authentication. Eventually I decided that it was a SELinux issue.

Since I've never run SELinux on my machine, it stands to reason that none of the proper contexts were ever applied to the home directories. After digging around with google and figuring out what I needed I discovered the problem. Below is what my context looked like:

> ls -Zd *
drwx------ xxx xxx system_u:object_r:file_t:s0 xxx

I created another user and discovered that what it should look like is this:

drwx------ aaa aaa system_u:object_r:user_home_dir_t:s0 aaa

To change the context to be that I used:

>chcon -t user_home_dir_t xxx
> ls -Zd *
drwx------ xxx xxx system_u:object_r:file_t:s0 xxx

SELinux tended to be difficult to use. Fedora and the other distributions are working hard to make it easier to use. Consider leaving it enabled when working with newer distributions. It could prevent a zero day exploit from taking over your machine.

1 comment:

Ritesh said...

Hi James,

I had the exact same problem. I had a pre-existing /home partition at the time of doing a clean install of Fedora 9. I was trying to ssh from work and I kept getting the same error. Changed the security context of the directory as you described and it worked like a charm.

Thanks a ton for the nifty tip,

Ritesh