On Thu, 13 Aug 2009 13:03:41 -0700 (PDT)
Vadym Chepkov <chepkov(a)yahoo.com> wrote:
> Hi,
>
> Each time anybody tries to access a Samba share I get denials like
> this:
>
> type=AVC msg=audit(1250191256.756:26956): avc: denied { getattr } for pid=20508 comm="smbd" path="/var/www" dev=dm-5 ino=2 scontext=system_u:system_r:smbd_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir
> type=AVC msg=audit(1250191256.756:26955): avc: denied { getattr } for pid=20508 comm="smbd" path="/var/mysql" dev=dm-4 ino=2 scontext=system_u:system_r:smbd_t:s0 tcontext=system_u:object_r:mysqld_db_t:s0 tclass=dir
>
> I am not sure why Samba is trying to access these directories; it's no
> one's home, just a mount point. dovecot generates the same AVCs, but
> only when it starts. What is the best way to suppress these? Thanks.

I've been getting these for years too! Well, I've had these in local
policy for several releases:

# Samba needs to be able to access stuff under /srv
allow smbd_t var_t:dir getattr;
# F11 noise reduction
dontaudit smbd_t lost_found_t:dir { getattr read };
dontaudit smbd_t squid_cache_t:dir getattr;
dontaudit smbd_t mysqld_db_t:dir getattr;

Paul.
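
Added example, not part of either message and not the posters' code: a small generator that turns AVC denials like the two quoted above into a standalone local module of dontaudit rules, silencing only getattr on directories and reporting everything else so it stays audited. The module name localquiet, the QUIET allowlist and the third sample record are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# Constructed sample: the two AVC records quoted in the thread, one record per line.
SAMPLE = (
    'type=AVC msg=audit(1250191256.756:26956): avc: denied { getattr } for pid=20508 '
    'comm="smbd" path="/var/www" dev=dm-5 ino=2 scontext=system_u:system_r:smbd_t:s0 '
    'tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir\n'
    'type=AVC msg=audit(1250191256.756:26955): avc: denied { getattr } for pid=20508 '
    'comm="smbd" path="/var/mysql" dev=dm-4 ino=2 scontext=system_u:system_r:smbd_t:s0 '
    'tcontext=system_u:object_r:mysqld_db_t:s0 tclass=dir\n'
    # Constructed extra record (not from the thread): a read attempt that must stay audited.
    'type=AVC msg=audit(1250191300.100:27001): avc: denied { read } for pid=20508 '
    'comm="smbd" name="www" dev=dm-5 ino=2 scontext=system_u:system_r:smbd_t:s0 '
    'tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir\n'
)

AVC = re.compile(r"avc:\s+denied\s+\{([^}]*)\}.*?\bscontext=(\S+)\s+tcontext=(\S+)\s+tclass=(\S+)")
QUIET = {("dir", "getattr")}  # assumption: only stat()-style probes on directories are noise

def parse(log):
    """Yield (source_type, target_type, tclass, perm) for each denied permission."""
    for line in log.splitlines():
        m = AVC.search(line)
        if m:
            perms, scon, tcon, tclass = m.groups()
            for perm in perms.split():
                # A context is user:role:type[:level]; field 2 is the type.
                yield scon.split(":")[2], tcon.split(":")[2], tclass, perm

def dontaudit_module(log, name="localquiet"):
    """Return (.te source silencing QUIET denials, list of denials left audited)."""
    quiet = sorted({d for d in parse(log) if (d[2], d[3]) in QUIET})
    kept = sorted({d for d in parse(log) if (d[2], d[3]) not in QUIET})
    types = sorted({t for d in quiet for t in d[:2]})
    classes = defaultdict(set)
    for _, _, cls, perm in quiet:
        classes[cls].add(perm)
    te = [f"module {name} 1.0;", "", "require {"]
    te += [f"\ttype {t};" for t in types]
    te += [f"\tclass {c} {{ {' '.join(sorted(p))} }};" for c, p in sorted(classes.items())]
    te += ["}", ""]
    te += [f"dontaudit {s} {t}:{c} {p};" for s, t, c, p in quiet]
    return "\n".join(te) + "\n", kept

if __name__ == "__main__":
    source, kept = dontaudit_module(SAMPLE)
    print(source)
    print("still audited:", kept)
```

The generated text can be saved as localquiet.te and built with checkmodule and semodule_package, then loaded with semodule -i. audit2allow -D also emits dontaudit rules from an audit log, but it converts every denial it is given rather than applying an allowlist.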