On Tue, 28 Sep 2021 06:22:47 +0800
Ed Greshko <ed.greshko(a)greshko.com> wrote:
On 28/09/2021 05:13, Thomas Cameron wrote:
> On 9/26/2021 5:57 AM, Ed Greshko wrote:
>> Hi,
>>
>> The configuration is a Fedora NFS server holding the home
>> directories of Fedora clients. So, all Fedora.
>>
>> Example: A user on the client creates a ~/.cert directory.
>> Looking at the directory from the server side we see.
>>
>> [djensen@f35ser ~]$ ls -Zd .cert
>> system_u:object_r:home_cert_t:s0 .cert
>>
>> On the client side the user sees
>>
>> [djensen@f35k ~]$ ls -Zd .cert
>> system_u:object_r:nfs_t:s0 .cert
>>
>> Is there a way the client side can show the actual selinux context
>> that is being enforced on the server side?
>
> Have you tried the instructions at
>
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/...,
> by chance? If I recall correctly, you can force the behavior where
> the client sees the exact same type as the server has on the
> filesystem.
I had not found that documentation.
That document seems a bit out of date when it comes to the latest
Fedora. I'm doing this on F35, but I think F34 is pretty much the
same in this area.
On the server, there is no /etc/sysconfig/nfs file. If I edit a file
with that name and then start the nfs-server the file then becomes
nfs.rpmsave.