The default SELinux user map user is currently guest_u. This is too restrictive, esp since the Fedora/RHEL default is unconfined_u.
We need to be consistent and change the default to unconfined_u.
Simo, Jakub, Dmitri, Dan and I agreed that we should also allow no value to be set for default in which case SSSD will use whatever the local system default is.
Metadata Update from @rcritten:
- Issue assigned to rcritten
- Issue set to the milestone: FreeIPA 3.0 RC1
to comment on this ticket.