mount and context translations
Paul Howarth
paul at city-fan.org
Sun Jul 30 18:04:06 UTC 2006
I found that fstab entries like these:
/srv/softlib/fedora/stentz/FC4-i386-DVD.iso /srv/softlib/fedora/stentz/dvd iso9660 ro,loop,fscontext=system_u:object_r:public_content_t 0 0
weren't working at boot time but would work if I did "mount
-a" (unconfined).
The fix:
policy_module(localmisc, 0.0.2)
require {
type mount_t;
type security_t;
}
# Allow mount to do context translations
allow mount_t security_t:dir search;
allow mount_t security_t:file read;
Paul.
More information about the fedora-selinux-list
mailing list