FC4 + samba + selinux
Ivan Gyurdiev
ivg2 at cornell.edu
Fri Mar 3 10:00:19 UTC 2006
>
>> I think we should allow smbd to search all directories if this is the
>> case. Alternatively we can have system-config-samba generate policy for
>> this on the fly, and alert the user, but that will be a pain, and seems
>> unnecessary.
>>
>>
> Maybe have system-config-samba make sure the directory is properly
> labeled with mnt_t or samba_share_t?
I think Eric's point was that smbd needs directory search access on the
entire path to the directory. I haven't verified that this is correct,
but from past experience I suspect it's true. Labeling everything on the
path as samba_share_t or mnt_t is usually not possible.
More information about the selinux
mailing list