Looking for directory paths...
Daniel J Walsh
dwalsh at redhat.com
Tue Dec 13 18:50:31 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/12/2011 05:01 PM, Arthur Dent wrote:
> Raw Audit Messages type=AVC msg=audit(1323609255.771:112): avc:
> denied { create } for pid=2618 comm="smbd" name="05"
> scontext=system_u:system_r:smbd_t:s0
> tcontext=system_u:object_r:dosfs_t:s0 tclass=dir
>
>
> type=SYSCALL msg=audit(1323609255.771:112): arch=i386 syscall=mkdir
> success=no exit=EACCES a0=213e7cf0 a1=1ed a2=e49ff4 a3=bf90f3fc
> items=0 ppid=1039 pid=2618 auid=4294967295 uid=0 gid=0 euid=1000
> suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none)
> ses=4294967295 comm=smbd exe=/usr/sbin/smbd
> subj=system_u:system_r:smbd_t:s0 key=(null)
>
> Hash: smbd,smbd_t,dosfs_t,dir,create
Yes this looks like you want to share samba on a dos file system, you
will need to write a custom policy module to allow this.
# cat > mysamba.te << _EOF
policy_module(mysamba, 1.0)
gen_require(`
type smbd_t;
')
fs_manage_dos_dirs(smbd_t)
fs_manage_dos_files(smbd_t)
_EOF
# make -f /usr/share/selinux/devel/Makefile
# semodule -i mysamba.pp
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk7nnncACgkQrlYvE4MpobOW3QCfWt5qn2i9ShI6+hxQLN4s8CWc
gXkAoOK3jYuud4+e0169uQx1ED2c94nj
=y//Y
-----END PGP SIGNATURE-----
More information about the selinux
mailing list