From 0ae5e5f70c6c7ab13ea765084c27fc87106345a0 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Dec 18 2020 16:24:10 +0000
Subject: semanage.conf - expand list of ignoredirs


It should prevent problems with wrong labels on directories in / after
commands like:

    # useradd -Z unconfined_u -d /var test

    # matchpathcon /var
    /var    unconfined_u:object_r:user_home_dir_t:s0

---

diff --git a/semanage.conf b/semanage.conf
index e2aad0c..406f16f 100644
--- a/semanage.conf
+++ b/semanage.conf
@@ -51,7 +51,7 @@ expand-check=0
 usepasswd=False
 bzip-small=true
 bzip-blocksize=5
-ignoredirs=/root
+ignoredirs=/root;/bin;/boot;/dev;/etc;/lib;/lib64;/proc;/run;/sbin;/sys;/tmp;/usr;/var
 optimize-policy=true
 
 [sefcontext_compile]