Edit namespace.conf(around 2006~2007)
The first file you'll edit is /etc/security/namespace.conf, which controls the pam_namespace module. In this file, list the directories that you want PAM to polyinstantiate on login. Some example directories are listed in the file included with PAM and are commented out. Typeman namespace.confto view a comprehensive manual page. The syntax for each line in this file ispolydir instance_prefix method list_of_uids.Briefly, here is what these variables represent:
polydiris the absolute pathname of the directory to polyinstantiate.instance_prefixis the base directory of the new polyinstantiated user directory.methodcan be user, level, or context.list_of_uidsis a list of user names for which PAM will NOT polyinstantiate their directories.
http://www.coker.com.au/selinux/talks/sage-2006/PolyInstantiatedDirectories.html
https://fedoraproject.org/wiki/Infrastructure/FedoraPeopleConfig#polyinstantiated_tempdirs
https://skvidal.wordpress.com/2007/07/13/poly-instantiated-tmpdirs/
http://kurt.seifried.org/2012/03/14/creating-temporary-files-securely/
