SELinux concerning /home symlink?
Eric Paris
eparis at redhat.com
Wed Jul 30 13:47:09 UTC 2008
On Wed, 2008-07-30 at 12:18 +0100, Paul Howarth wrote:
> The underlying problem is that "mount", when run confined by SELinux, is
> only allowed to mount filesystems on mount points that have specific
> context types, such as mnt_t. If you set up your partitioning at install
> time, the installer generally sets the context types of the directories
> to be used as mount points correctly. However, if you change your
> filesystem arrangement at a later date then the mount point directory
> you're using will probably have some other context type, such as
> mail_spool_t in this case, which mount isn't normally allowed to use as
> a mount point, and you get the AVC denials and failure to mount as a
> result. The fix is simply to label the mount point directory
> appropriately for a mount point.
setsebool -P allow_mount_anyfile 1
should let him mount without any labeling changes right? You should be
able to find this boolean in system-config-selinux and setroubleshoot
should have suggested toggling this boolean.
-Eric
More information about the fedora-selinux-list
mailing list