I found that fstab entries like these:
/srv/softlib/fedora/stentz/FC4-i386-DVD.iso /srv/softlib/fedora/stentz/dvd iso9660
ro,loop,fscontext=system_u:object_r:public_content_t 0 0
weren't working at boot time but would work if I did "mount
-a" (unconfined).
The fix:
policy_module(localmisc, 0.0.2)
require {
type mount_t;
type security_t;
}
# Allow mount to do context translations
allow mount_t security_t:dir search;
allow mount_t security_t:file read;
Paul.
Show replies by date