Yes, there is at least one major pitfall when considering git to manage a home directory that is not a concern with subversion.
Git is both greedy and recursive by default.
Subversion will naively ignore anything it doesn't know about and it stops processing folders either up or down from your checkout when it reaches one that it doesn't know about (or that belongs to a different repository). Git, on the other hand, keeps recursing into all child directories making nested checkouts very complicated due to namespace issues. Since your home directory is likely also the place where you checkout and work on various other git repositories, having your home directory in git is almost certainly going to make your life an impossible mess.
As it turns out, this is the main reason people checkout their dotfiles into an isolated folder and then symlink into it. It keeps git out of the way when doing anything else in any child directory of your $HOME. While this is purely a matter of preference if checking your home into subversion, it becomes a matter of necessity if using git.
However, there is an alternate solution. Git allows for something called a "fake root" where all the repository machinery is hidden in an alternate folder that can be physically separated from the checkout working directory. The result is that the git toolkit won't get confused: it won't even SEE your repository, only the working copy. By setting a couple environment variables you can tip off git where to find the goods for those moments when you are managing your home directory. Without the environment variables set nobody is the wiser and your home looks like it's classic file-y self.
To make this trick flow a little smoother, there are some great tools out there. The vcs-home mailing list seems like the defacto place to start, and the about page has a convenient wrap up of howtos and people's experiences. Along the way are some nifty little tools like vcsh, mr. If you want to keep your home directory directly in git, vcsh is almost a must have tool. If you end up splitting your home directory into several repostories behind the scenes, combine vcsh with mr for quick and not very dirty way to manage it all at once.
Based upon the OP's information (which, btw, was excellent for the question), the SELinux context was incorrect. In the OP's question, the Context showed as:
Context: system_u:object_r:unlabeled_t:s0
However, a home directory should have user_home_dir_t.
To resolve the situation, running restorecon -Rv /home (using /home ensures that home directories for other users are updated; one could fix just the particular users's home dire by restorecon -Rv /home/user) will adjust the situation. The result should be similar to:
File: ‘/home/user’
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: fd00h/64768d Inode: 18642668 Links: 16
Access: (0700/drwx------) Uid: ( 1000/ user) Gid: ( 1000/ user)
Context: unconfined_u:object_r:user_home_dir_t:s0 <-- THE CONTEXT
Access: 2017-06-16 19:10:34.914968689 -0600
Modify: 2017-06-16 18:30:31.135767008 -0600
Change: 2017-06-16 18:30:31.135767008 -0600
Birth: -
Using the -R would also ensure that directories in the /home/user were properly adjusted. For example the .ssh directory has a context of unconfined_u:object_r:ssh_home_t:s0.
Best Answer
To remove a directory, you need write permission over its parent. Which means that as long as user can't write to
/home, he won't be able to remove his own directory.With these permissions, root is the only user who can manipulate directories immediately under
/home. This setup is actually very common on Linux systems, since they are multiuser ; however, I have seen Ubuntu setups in which/homebelonged to the first user (usually ID 1000). While Ubuntu's first user usually is a sudoer (meaning he could delete everything usingsudo), I don't think it is a good practise to give/hometo anyone but root.When it comes to
chattr, I believe this would be overkill. You are facing a permissions problem, there is no need for other file attributes.