Problem with samba mounts via fstab and credentials option
Dan Thurman
dant at cdkkt.com
Fri Jan 11 01:48:03 UTC 2008
On Thursday 10 January 2008 05:06:51 pm Daniel B. Thurman wrote:
> When one adds a samba share via /etc/fstab and using as an entry:
> credentials=/etc/share/auth.smb in the options field
> This file contains sensitive username/password data, has a samba_etc_t type
> but on reboot, SELinux does not allow the mount.cifs program to read fstab
> entries containing the credentials mount options and produces an error 13
> message during the loading of the services. The result is that the mount
> has failed and must be remounted manually as a root user after the system
> comes up.
> The logs show:
> type=AVC msg=audit(1200012700.796:14): avc: denied { read } for
> pid=2528 comm="mount.cifs" name="auth.smb" dev=sda5 ino=788340
> scontext=system_u:system_r:mount_t:s0
> tcontext=system_u:object_r:samba_etc_t:s0 tclass=file
> Should I simply attempt to chcon -t mount_t /etc/samba.auth.smb or should
> this be handled differently?
> Thanks-
> Dan
Oops. It should have said: /etc/samba/auth.smb
More information about the fedora-selinux-list
mailing list