On 28/09/2021 05:13, Thomas Cameron wrote:
On 9/26/2021 5:57 AM, Ed Greshko wrote:
> Hi,
>
> The configuration is a Fedora NFS server holding the home directories of Fedora
clients. So, all Fedora.
>
> Example: A user on the client creates a ~/.cert directory. Looking at the directory
from the server side we see.
>
> [djensen@f35ser ~]$ ls -Zd .cert
> system_u:object_r:home_cert_t:s0 .cert
>
> On the client side the user sees
>
> [djensen@f35k ~]$ ls -Zd .cert
> system_u:object_r:nfs_t:s0 .cert
>
> Is there a way the client side can show the actual selinux context that is being
enforced on
> the server side?
Have you tried the instructions at
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/...,
by chance? If I recall correctly, you can force the behavior where the client sees the
exact same type as the server has on the filesystem.
I had not found that documentation.
That document seems a bit out of date when it comes to the latest Fedora. I'm doing
this on F35, but I think F34 is
pretty much the same in this area.
On the server, there is no /etc/sysconfig/nfs file. If I edit a file with that name and
then start the nfs-server the file
then becomes nfs.rpmsave.
In looking at rpc service files I see that rpcbind.service has an
EnvironmentFile=/etc/sysconfig/rpcbind.
tried adding such....
[egreshko@f35ser system]$ cat /etc/sysconfig/rpcbind
#
# Optional arguments passed to rpcbind. See rpcbind(8)
RPCBIND_ARGS="-V 4.2"
RPCNFSDARGS="-V 4.2"
But no luck.
Ideas?
--
Nothing to see here