[Spacewalk-list] Spacewalk with enforced SELINUX
Jan Pazdziora
jpazdziora at redhat.com
Wed Mar 12 15:58:02 UTC 2014
On Wed, Mar 12, 2014 at 03:18:10PM +0100, Pierre Casenove wrote:
> Hello,
> I still have one last question on SELINUX context.
> As /data/satellite, which is my mount point, is a NFS exported filesystem,
> what do I have to do?
> - Only set spacewalk_nfs_mountpoint selinux boolean
> - Set the boolean and mount the filesystem with the "context" option *mount
> -t nfs -o context=**system_u:object_r:spacewalk_data_t** server:/shared/foo
> /mnt/foo*
> - Run restorecon on /data/satellite?
>
> I'm a bit lost on selinux and NFS...
Run
spacewalk-make-mount-points /data/satellite
That should detect that it's a NFS mount (well, it will detect that
the ls -lZ /data/satellite shows nfs_t label) and it will set the
needed SELinux booleans.
--
Jan Pazdziora
Principal Software Engineer, Identity Management Engineering, Red Hat
More information about the Spacewalk-list
mailing list