I have a love / hate relationship with SELinux. I like good security, especially on systems exposed to the Internet, but I hate opaque systems. SELinux provides additional layers of security (a very good thing), but often in a very opaque manner. I am hoping to capture aspects of SELinux on this page to make it less opaque.
NFS Based Home Directories
NFS based home directories used to be the standard, back in the 1980’s, and I still prefer them to individual home directories on every system. But the Linux world grew out of Desktops and single computers where individual home directories were (are still) the rule and not the exception. If you have NFS mounted home directories you need to let SELinux know that or various things (pre-shared SSH key based authentication) will fail.
setsebool -P use_nfs_home_dirs=true