Re: Advice for installing test2 if you are going to be saving files

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



[Adding SELinux list]

On Apr  4, 2004, Russell Coker <russell@xxxxxxxxxxxx> wrote:

> using the context= mount option to label them as 
> nfs_t might be an easy hack to solve this).

I've tried adding context=system_u:object_r:nfs_t to the mounts
containing the maze of soft links that my home dir is, but no luck.
First off, booting in enforcing mode, it wouldn't mount it, probably
because they're all in logical volumes (I think I heard that SELinux
is not compatible with LVM ATM :-(

Oddly, if I'm in enforcing mode and attempt to mount them as
root_u:sysadm_r:sysadm_t, they fail to mount with the context= setting
in /etc/fstab, but mount succeeds without it.  Is this a bug?  If so,
same as above, or a different one? (it says the device is read only)

I tried labeling everything in these filesystems as
system_u:object_r:nfs_t, but I still couldn't ssh into the box in
enforcing mode.  SSH key authentication failed to stat() the
authorized_keys file, so id demanded a password.  Then, it failed to
chdir to my homedir, and finally xauth took a few seconds trying to
lock ~/.Xauthority before it timed out and gave up, and I was given a
prompt with $PWD=/.  I could then cd to my home dir and use it
normally AFAICT, but this is quite inconvenient.

I guess I'll have to stay a bit longer without enforcing mode :-(

-- 
Alexandre Oliva             http://www.ic.unicamp.br/~oliva/
Red Hat Compiler Engineer   aoliva@{redhat.com, gcc.gnu.org}
Free Software Evangelist  oliva@{lsd.ic.unicamp.br, gnu.org}

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux