[OT] how to share a directory under ntfs mount point with selinux enabled?

David Quigley selinux at davequigley.com
Fri Jan 20 16:08:49 UTC 2012


On 01/20/2012 09:13, David Quigley wrote:
> On 01/20/2012 07:40, Gianluca Cecchi wrote:
>> Hello,
>> using Fedora 16 and its samba 3.6 stack
>> I would like to share a directory that is under a local ntfs mounted
>> (with ntfs-3g) path...
>> For normal dirs I'm able to share after
>>  chcon -t samba_share_t /dir/to/share/path
>>
>> But for dirs under ntfs? Is there any directive to tell samba to 
>> skip
>> selinux protection for particular shares?
>>
>> Thanks in advance,
>> Gianluca
>
> So from what I understand ntfs-3g is a fuse filesystem. I would
> assume that when you do ls -Z on any file on your ntfs-3g mount that
> it comes back with the type fuse_t. Unfortunately fuse doesn't 
> support
> finer-grained labeling with SELinux. The best thing that you will be
> able to do is make it so your entire ntfs-3g mount is labeled
> samba_share_t and then just export the folders you want. You should 
> be
> able to do this by adding -o context=system_u:object_r:samba_share_t
> to your mount command for your ntfs-3g mount.
>
> Dave

I just looked back at an old post I made on this very issue and it 
seems that there might be a problem. Unless it has been fixed the fuse 
mount program doesn't necessarially pass the context mount option down 
to the kernel to be handled. So the fix I suggested above might not 
work. They may have fixed that problem so give it a try anyway but if 
the mount option is not passed down there isn't much you can do about 
it.

Dave


More information about the users mailing list