Selinux disallows read-only loop mount of a file, but only at boot [SOLVED]
Daniel J Walsh
dwalsh at redhat.com
Mon May 4 15:20:56 UTC 2009
On 05/04/2009 05:19 AM, David wrote:
> [david at kablamm ~]$ cat /etc/selinux/targeted/contexts/files/file_contexts | grep mount
> /etc/rc.d/init.d/autofs -- system_u:object_r:automount_script_exec_t:s0
> /bin/mount.* -- system_u:object_r:mount_exec_t:s0
> /bin/umount.* -- system_u:object_r:mount_exec_t:s0
> /sbin/mount.* -- system_u:object_r:mount_exec_t:s0
> /sbin/umount.* -- system_u:object_r:mount_exec_t:s0
> /var/run/autofs.* system_u:object_r:automount_var_run_t:s0
> /var/run/pam_mount(/.*)? system_u:object_r:pam_var_run_t:s0
> /usr/bin/smbmnt -- system_u:object_r:smbmount_exec_t:s0
> /bin/fusermount -- system_u:object_r:mount_exec_t:s0
> /usr/bin/smbmount -- system_u:object_r:smbmount_exec_t:s0
> /usr/bin/fusermount -- system_u:object_r:mount_exec_t:s0
> /usr/sbin/automount -- system_u:object_r:automount_exec_t:s0
> /usr/sbin/rpc\.mountd -- system_u:object_r:nfsd_exec_t:s0
> /etc/apm/event\.d/autofs -- system_u:object_r:automount_exec_t:s0
>
> [root at kablamm david]# chcon -t mount_exec_t /HUGE/get/iso/Fedora-09-i386-DVD/Fedora-09-i386-DVD.iso
>
> Appears to be [SOLVED] ... off for a fizzy drink :-)
>
> If I got this wrong, please comment.
>
What OS are you running?
What policy version?