SELinux context conflict -- default_ versus samba_share_t
Julian C. Dunn
lists at aquezada.com
Tue Jun 8 12:34:42 UTC 2010
Like many Fedora users, I have a /music mount point on my fileserver.
I'd like to make this available by Samba and Apache over the local LAN.
I'm confused about what SELinux label I need to give this mountpoint.
Currently I have it as unconfined_u:object_r:samba_share_t:s0, otherwise
Samba won't share it. But now Postfix is complaining:
Jun 8 08:20:43 fileserver setroubleshoot: SELinux is preventing
/usr/libexec/postfix/smtpd "search" access to /music. For complete
SELinux messages. run sealert -l f1271eda-558f-4389-8eab-04738dcf15cb
Of course, the sealert report advises me to restore to the default context.
Additionally, if I have all of music set as
unconfined_u:object_r:samba_share_t, httpd can't read the files in there.
What is the right context to set /music to, in order to meet my needs?
More information about the users