SELinux context conflict -- default_ versus samba_share_t

Julian C. Dunn lists at
Tue Jun 8 12:34:42 UTC 2010

Like many Fedora users, I have a /music mount point on my fileserver.
I'd like to make this available by Samba and Apache over the local LAN.

I'm confused about what SELinux label I need to give this mountpoint.
Currently I have it as unconfined_u:object_r:samba_share_t:s0, otherwise
Samba won't share it. But now Postfix is complaining:

Jun  8 08:20:43 fileserver setroubleshoot: SELinux is preventing
/usr/libexec/postfix/smtpd "search" access to /music. For complete
SELinux messages. run sealert -l f1271eda-558f-4389-8eab-04738dcf15cb

Of course, the sealert report advises me to restore to the default context.

Additionally, if I have all of music set as
unconfined_u:object_r:samba_share_t, httpd can't read the files in there.

What is the right context to set /music to, in order to meet my needs?

- Julian

More information about the users mailing list