I'm setting up a samba share on my new FC6 install that will be public with no password required. Just like an unmolested Windows share. I found an article that said to put the selinux context description in /etc/selinux/targeted/contexts/files/file_contexts.local. My shared directory is /var/share. I put the line: /var/share(/.*)? system_u:object_r:samba_share_t in that file. Is this the correct way to make this change and make it permanent? Will this do what it is supposed to do?

This is selinux related but why does the directory have to be world executable to make this work?

>On Mon, 2006-11-06 at 21:52 -0800, Knute Johnson wrote: >> I'm setting up a samba share on my new FC6 install that will be >> public with no password required. Just like an unmolested Windows >> share. >> >> I found an article that said to put the selinux context description >> in /etc/selinux/targeted/contexts/files/file_contexts.local. >> >> My shared directory is /var/share. I put the line: >> >> /var/share(/.*)? system_u:object_r:samba_share_t >> >> in that file. >> >> Is this the correct way to make this change and make it permanent? >> Will this do what it is supposed to do? > >Since FC5 the way to do this is not by editing file_contexts.local but >by using semanage: > ># semanage fcontext -a -t samba_share_t '/var/share(/.*)?' > >Having changed policy by doing this, the context types of the files >themselves still need changing: > semanage just creates the file_contexts.local file with the same thing in it that I had. What difference does it make to edit the file or use semanage?