3:47 a.m.
hello
I tryed to share a partition using nfs (using system-config-nfs), but
selinux prevents it from beeing mounted:
audit(1145781795.498:64): avc: denied { dac_override } for pid=26228
comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781795.498:65): avc: denied { dac_read_search } for
pid=26228 comm="rpc.mountd" capability=2
scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781795.498:66): avc: denied { dac_override } for pid=26228
comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781795.498:67): avc: denied { dac_read_search } for
pid=26228 comm="rpc.mountd" capability=2
scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781817.496:68): avc: denied { dac_override } for pid=26228
comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781817.496:69): avc: denied { dac_read_search } for
pid=26228 comm="rpc.mountd" capability=2
scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781817.496:70): avc: denied { dac_override } for pid=26228
comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781817.496:71): avc: denied { dac_read_search } for
pid=26228 comm="rpc.mountd" capability=2
scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
All boleans for nfs are set to true, if I do setenforce 0 it works.
I am using selinux-policy-targeted-2.2.34-3.fc5 (from updates testing)
on FC x86_64.
9:35 a.m.
dragoran wrote:
hello
I tryed to share a partition using nfs (using system-config-nfs), but
selinux prevents it from beeing mounted:
audit(1145781795.498:64): avc: denied { dac_override } for
pid=26228 comm="rpc.mountd" capability=1
scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781795.498:65): avc: denied { dac_read_search } for
pid=26228 comm="rpc.mountd" capability=2
scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781795.498:66): avc: denied { dac_override } for
pid=26228 comm="rpc.mountd" capability=1
scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781795.498:67): avc: denied { dac_read_search } for
pid=26228 comm="rpc.mountd" capability=2
scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781817.496:68): avc: denied { dac_override } for
pid=26228 comm="rpc.mountd" capability=1
scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781817.496:69): avc: denied { dac_read_search } for
pid=26228 comm="rpc.mountd" capability=2
scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781817.496:70): avc: denied { dac_override } for
pid=26228 comm="rpc.mountd" capability=1
scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
audit(1145781817.496:71): avc: denied { dac_read_search } for
pid=26228 comm="rpc.mountd" capability=2
scontext=system_u:system_r:nfsd_t:s0
tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
All boleans for nfs are set to true, if I do setenforce 0 it works.
I am using selinux-policy-targeted-2.2.34-3.fc5 (from updates testing)
on FC x86_64.
--
fedora-selinux-list mailing list
fedora-selinux-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
any ideas? or should I bugzilla this?
1:09 p.m.
dragoran wrote:
dragoran wrote:
> hello
> I tryed to share a partition using nfs (using system-config-nfs), but
> selinux prevents it from beeing mounted:
> audit(1145781795.498:64): avc: denied { dac_override } for
> pid=26228 comm="rpc.mountd" capability=1
> scontext=system_u:system_r:nfsd_t:s0
> tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
> audit(1145781795.498:65): avc: denied { dac_read_search } for
> pid=26228 comm="rpc.mountd" capability=2
> scontext=system_u:system_r:nfsd_t:s0
> tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
> audit(1145781795.498:66): avc: denied { dac_override } for
> pid=26228 comm="rpc.mountd" capability=1
> scontext=system_u:system_r:nfsd_t:s0
> tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
> audit(1145781795.498:67): avc: denied { dac_read_search } for
> pid=26228 comm="rpc.mountd" capability=2
> scontext=system_u:system_r:nfsd_t:s0
> tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
> audit(1145781817.496:68): avc: denied { dac_override } for
> pid=26228 comm="rpc.mountd" capability=1
> scontext=system_u:system_r:nfsd_t:s0
> tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
> audit(1145781817.496:69): avc: denied { dac_read_search } for
> pid=26228 comm="rpc.mountd" capability=2
> scontext=system_u:system_r:nfsd_t:s0
> tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
> audit(1145781817.496:70): avc: denied { dac_override } for
> pid=26228 comm="rpc.mountd" capability=1
> scontext=system_u:system_r:nfsd_t:s0
> tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
> audit(1145781817.496:71): avc: denied { dac_read_search } for
> pid=26228 comm="rpc.mountd" capability=2
> scontext=system_u:system_r:nfsd_t:s0
> tcontext=system_u:system_r:nfsd_t:s0 tclass=capability
> All boleans for nfs are set to true, if I do setenforce 0 it works.
> I am using selinux-policy-targeted-2.2.34-3.fc5 (from updates
> testing) on FC x86_64.
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list(a)redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
>
any ideas? or should I bugzilla this?
am I the only one seeing ths?
6163
days inactive
6182
days old
selinux@lists.fedoraproject.org
2 comments
1 participants
participants (1)
-
dragoran