Setting up a samba share?
Paul Howarth
paul at city-fan.org
Tue Nov 7 08:37:17 UTC 2006
On Mon, 2006-11-06 at 21:52 -0800, Knute Johnson wrote:
> I'm setting up a samba share on my new FC6 install that will be
> public with no password required. Just like an unmolested Windows
> share.
>
> I found an article that said to put the selinux context description
> in /etc/selinux/targeted/contexts/files/file_contexts.local.
>
> My shared directory is /var/share. I put the line:
>
> /var/share(/.*)? system_u:object_r:samba_share_t
>
> in that file.
>
> Is this the correct way to make this change and make it permanent?
> Will this do what it is supposed to do?
Since FC5 the way to do this is not by editing file_contexts.local but
by using semanage:
# semanage fcontext -a -t samba_share_t '/var/share(/.*)?'
Having changed policy by doing this, the context types of the files
themselves still need changing:
# restorecon -r /var/share
> This is selinux related but why does the directory have to be world
> executable to make this work?
Directories need to be executable in order to list their contents, don't
they?
Paul.
More information about the fedora-selinux-list
mailing list