[Fwd: Re: Can't export samba share]

[max]

CURSES!! If it weren't for those damn kids I would have gotten away with 
it too...

-------- Original Message --------
Subject: Re: Can't export samba share
Date: Mon, 21 Jul 2008 11:38:06 -0400
From: max <maximilianbianco at gmail.com>
To: Steve Blackwell <zephod at cfl.rr.com>
References: <20080721105041.1fd67e05 at steve.blackwell> 
<4884AA94.1010409 at gmail.com>

max wrote:
> Steve Blackwell wrote:
>> I have a dual boot F8/XP machine and I want to export, via samba, the
>> NTFS partition so that I can use it to back up my wife's Vista machine.
>> It seems that selinux is preventing this from happening. Here is the
>> summary message from setroubleshoot:
>>
>> SELinux is preventing the samba daemon from serving r/o local files to
>> remote clients.
>> and the Allowing Access section says:
>>
>> If you want to export file systems using samba you need to turn on the
>> samba_export_all_ro boolean: "setsebool -P samba_export_all_ro=1". The
>> following command will allow this access:setsebool -P
>> samba_export_all_ro=1
>>
>> There seems to be 2 problems here; 1) The filesystem that I'm trying to
>> export is read-write not read-only and 2) I have already set
>> samba_export_all_ro=1. In fact I also set samba_export_all_rw=1 and I
>> even set samba_run_unconfined=1 and I still get the same messages.
> 
>  I would try setting samba_export_all_ro=0, leave samba_export_all_rw=1
> 
> Those two settings will conflict and denials should always win out over 
> allows.

Just to be clear. I am saying where two settings conflict a denial
should not be surprising, it makes good sense, at least to me.

I am not sure you need samba_run_unconfined here either.

Checkout man ausearch, this can help pull all the AVC's related to this
together, it has many search options. It is worth reading.


Max

-- 
Fortune favors the BOLD