SAMBA home directories and SELinux
Daniel J Walsh
dwalsh at redhat.com
Mon Oct 3 18:46:32 UTC 2005
Stephen Walton wrote:
> Daniel J Walsh wrote:
>
>> Stephen Walton wrote:
>>
>>>
>>> smbclient //machine/swalton
>>>
>>> still throws a NT_STATUS_BAD_NETWORK_NAME error when I try to
>>> connect to my home directory with SELinux set to "enforcing", and
>>> the error message in the smb log file reads
>>>
>>> '/home/swalton' does not exist or is not a directory, when
>>> connecting to [swalton]
>>>
>> Are you seeing AVC messages in /var/log/messages or
>> /var/log/audit/audit.log?
>>
> No, but perhaps I need a log level tweaked higher somewhere. It is
> 100% reliably true that if I use system-config-securitylevel to set
> SELinux enforcing to off, smbclient works fine, and if I reset SELinux
> back to enforcing I see the above error messages again. So SELinux is
> definitely the culprit here somehow.
>
Install selinux-policy-targeted-sources
cd /etc/selinux/targeted/src/policy
make enableaudit; make load
Try the smbclient command
Grab the AVC messages
make clean; make load
to reset the policy.
--
More information about the fedora-list
mailing list