Looking for directory paths...

Mon Dec 12 10:16:19 UTC 2011

> From: Arthur Dent
> Sent: 11 December 2011 13:49
> 
> Hello all,
> 
> When I get a SEL alert it refers only to to the actual directory and
> not the full pathname. For example:
> 
> SELinux is preventing /usr/sbin/smbd from create access on the
> directory 05.
> 
> The advice for fixing this alert is probably useful but without knowing
> the full path is actually completely useless:
> 
> If you want to allow smbd to have create access on the 05 directory
> Then you need to change the label on '05'
> Do
> # semanage fcontext -a -t samba_share_t '05'
> # restorecon  -v '05'
> 
> The problem is - I don't know where directory "05" is. It's probably
> some temporary cache file or some such and trying to even find its
> parent directory with a name like "05" makes using 'locate' or 'find'
> really quite hard work.
> 
> In this case the alert(s) (there were several - each with a different
> numerical directory name) were actually caused when I tried to sync my
> iPhone using iTunes installed on a Windows XP virtual machine running
> under VirtualBox on this Fedora 16 host, accessing the music library
> via a Samba share on a separate partition on the Fedora 16 box....
> Yeah... I know....
> 
> But anyway - if I could find the full path of the directory in question
> I *might* be able to take a closer look at where the problem lies...
> 
> Thanks in advance for any help or suggestions.
> 
> Mark

If you get the device and inode from the the AVC message you can use find's -inum option to look for the inode number on the device's filesystem rather than -name.

Moray.
“To err is human; to purr, feline.”