Samba file server

Ivan Gyurdiev ivg2 at cornell.edu
Fri Jan 7 15:09:26 UTC 2005


Hi,

I have a fairly trivial setup ( I think ) that I'd like to get working
under SElinux. 

I have a bunch of data on /data, which is its own LVM logical volume.
I have symlinks to the parts of the data in /data/smb that I'd like to
export via smb. 

My server also exports user home directories and all printers.

The problem is: 
	Stuff on /data is labeled: system_u:object_r:default_t 
	Stuff on /home is labeled: system_u:object_r:user_home_dir_t
		under system_u:object_r:home_root_t 

I get:

audit(1105106751.784:0): avc:  denied  { search } for  pid=32352
exe=/usr/sbin/smbd name=/ dev=dm-1 ino=2 scontext=user_u:system_r:smbd_t
tcontext=system_u:object_r:default_t tclass=dir

audit(1105107520.694:0): avc:  denied  { search } for  pid=32629
exe=/usr/sbin/smbd name=/ dev=dm-2 ino=2 scontext=user_u:system_r:smbd_t
tcontext=system_u:object_r:home_root_t tclass=dir

- How can I address this situation?
- What if I wanted to share /data over httpd as well?

Thanks for any help,

-- 
Ivan Gyurdiev <ivg2 at cornell.edu>
Cornell University




More information about the fedora-selinux-list mailing list