selinux and mounting a vfat partition
Daniel J Walsh
dwalsh at redhat.com
Sat Apr 3 06:47:48 UTC 2004
J. Scott Amort wrote:
>On Fri, 2004-04-02 at 21:57, James Morris wrote:
>
>
>>What avc messages are you seeing in syslog when this happens?
>>
>>
>
>trying:
>
>mount -t vfat /dev/hda9 /home/scott/music gives me:
>
>Apr 2 22:06:59 enlightenment kernel: audit(1080972419.871:0): avc:
>denied { mounton } for pid=3075 exe=/bin/mount path=/home/scott/music
>dev=hda5 ino=132047 scontext=root:sysadm_r:mount_t
>tcontext=system_u:object_r:user_home_t tclass=dir
>Apr 2 22:06:59 enlightenment kernel: audit(1080972419.872:0): avc:
>denied { mounton } for pid=3075 exe=/bin/mount path=/home/scott/music
>dev=hda5 ino=132047 scontext=root:sysadm_r:mount_t
>tcontext=system_u:object_r:user_home_t tclass=dir
>
>and,
>
>mount -t vfat -o context=system_u:object_r:user_home_t /dev/hda9 \
>/home/scott/music gives me:
>
>Apr 2 22:10:25 enlightenment kernel: audit(1080972625.005:0): avc:
>denied { mounton } for pid=3119 exe=/bin/mount path=/home/scott/music
>dev=hda5 ino=132047 scontext=root:sysadm_r:mount_t
>tcontext=system_u:object_r:user_home_t tclass=dir
>Apr 2 22:10:25 enlightenment kernel: audit(1080972625.007:0): avc:
>denied { mounton } for pid=3119 exe=/bin/mount path=/home/scott/music
>dev=hda5 ino=132047 scontext=root:sysadm_r:mount_t
>tcontext=system_u:object_r:user_home_t tclass=dir
>
>So it seems that the -o context=system_u:object_r:user_home_t is
>assumed, and the problem is something else? Thanks for any help.
>
>Best,
>Scott
>
>
>
>
You need to change the directory you are mounting on to a context of
something that can be mounted on.
chcon -t mnt_t /home/scott/music
and then try the mount command.
Dan
More information about the fedora-test-list
mailing list