hello I tryed to share a partition using nfs (using system-config-nfs), but selinux prevents it from beeing mounted: audit(1145781795.498:64): avc: denied { dac_override } for pid=26228 comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781795.498:65): avc: denied { dac_read_search } for pid=26228 comm="rpc.mountd" capability=2 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781795.498:66): avc: denied { dac_override } for pid=26228 comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781795.498:67): avc: denied { dac_read_search } for pid=26228 comm="rpc.mountd" capability=2 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781817.496:68): avc: denied { dac_override } for pid=26228 comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781817.496:69): avc: denied { dac_read_search } for pid=26228 comm="rpc.mountd" capability=2 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781817.496:70): avc: denied { dac_override } for pid=26228 comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781817.496:71): avc: denied { dac_read_search } for pid=26228 comm="rpc.mountd" capability=2 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability All boleans for nfs are set to true, if I do setenforce 0 it works. I am using selinux-policy-targeted-2.2.34-3.fc5 (from updates testing) on FC x86_64.
dragoran wrote:
hello I tryed to share a partition using nfs (using system-config-nfs), but selinux prevents it from beeing mounted: audit(1145781795.498:64): avc: denied { dac_override } for pid=26228 comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781795.498:65): avc: denied { dac_read_search } for pid=26228 comm="rpc.mountd" capability=2 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781795.498:66): avc: denied { dac_override } for pid=26228 comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781795.498:67): avc: denied { dac_read_search } for pid=26228 comm="rpc.mountd" capability=2 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781817.496:68): avc: denied { dac_override } for pid=26228 comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781817.496:69): avc: denied { dac_read_search } for pid=26228 comm="rpc.mountd" capability=2 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781817.496:70): avc: denied { dac_override } for pid=26228 comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781817.496:71): avc: denied { dac_read_search } for pid=26228 comm="rpc.mountd" capability=2 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability All boleans for nfs are set to true, if I do setenforce 0 it works. I am using selinux-policy-targeted-2.2.34-3.fc5 (from updates testing) on FC x86_64.
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list
any ideas? or should I bugzilla this?
dragoran wrote:
dragoran wrote:
hello I tryed to share a partition using nfs (using system-config-nfs), but selinux prevents it from beeing mounted: audit(1145781795.498:64): avc: denied { dac_override } for pid=26228 comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781795.498:65): avc: denied { dac_read_search } for pid=26228 comm="rpc.mountd" capability=2 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781795.498:66): avc: denied { dac_override } for pid=26228 comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781795.498:67): avc: denied { dac_read_search } for pid=26228 comm="rpc.mountd" capability=2 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781817.496:68): avc: denied { dac_override } for pid=26228 comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781817.496:69): avc: denied { dac_read_search } for pid=26228 comm="rpc.mountd" capability=2 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781817.496:70): avc: denied { dac_override } for pid=26228 comm="rpc.mountd" capability=1 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability audit(1145781817.496:71): avc: denied { dac_read_search } for pid=26228 comm="rpc.mountd" capability=2 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability All boleans for nfs are set to true, if I do setenforce 0 it works. I am using selinux-policy-targeted-2.2.34-3.fc5 (from updates testing) on FC x86_64.
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list
any ideas? or should I bugzilla this?
am I the only one seeing ths?
selinux@lists.fedoraproject.org