[Spacewalk-list] Spacewalk with enforced SELINUX
Pierre Casenove
pcasenove at gmail.com
Thu Mar 13 09:39:04 UTC 2014
Thanks a lot Jan.
Pierre
2014-03-12 16:58 GMT+01:00 Jan Pazdziora <jpazdziora at redhat.com>:
> On Wed, Mar 12, 2014 at 03:18:10PM +0100, Pierre Casenove wrote:
> > Hello,
> > I still have one last question on SELINUX context.
> > As /data/satellite, which is my mount point, is a NFS exported
> filesystem,
> > what do I have to do?
> > - Only set spacewalk_nfs_mountpoint selinux boolean
> > - Set the boolean and mount the filesystem with the "context" option
> *mount
> > -t nfs -o context=**system_u:object_r:spacewalk_data_t**
> server:/shared/foo
> > /mnt/foo*
> > - Run restorecon on /data/satellite?
> >
> > I'm a bit lost on selinux and NFS...
>
> Run
>
> spacewalk-make-mount-points /data/satellite
>
> That should detect that it's a NFS mount (well, it will detect that
> the ls -lZ /data/satellite shows nfs_t label) and it will set the
> needed SELinux booleans.
>
> --
> Jan Pazdziora
> Principal Software Engineer, Identity Management Engineering, Red Hat
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20140313/a3bfb453/attachment.htm>
More information about the Spacewalk-list
mailing list