[Adding SELinux list] On Apr 4, 2004, Russell Coker <russell@xxxxxxxxxxxx> wrote: > using the context= mount option to label them as > nfs_t might be an easy hack to solve this). I've tried adding context=system_u:object_r:nfs_t to the mounts containing the maze of soft links that my home dir is, but no luck. First off, booting in enforcing mode, it wouldn't mount it, probably because they're all in logical volumes (I think I heard that SELinux is not compatible with LVM ATM :-( Oddly, if I'm in enforcing mode and attempt to mount them as root_u:sysadm_r:sysadm_t, they fail to mount with the context= setting in /etc/fstab, but mount succeeds without it. Is this a bug? If so, same as above, or a different one? (it says the device is read only) I tried labeling everything in these filesystems as system_u:object_r:nfs_t, but I still couldn't ssh into the box in enforcing mode. SSH key authentication failed to stat() the authorized_keys file, so id demanded a password. Then, it failed to chdir to my homedir, and finally xauth took a few seconds trying to lock ~/.Xauthority before it timed out and gave up, and I was given a prompt with $PWD=/. I could then cd to my home dir and use it normally AFAICT, but this is quite inconvenient. I guess I'll have to stay a bit longer without enforcing mode :-( -- Alexandre Oliva http://www.ic.unicamp.br/~oliva/ Red Hat Compiler Engineer aoliva@{redhat.com, gcc.gnu.org} Free Software Evangelist oliva@{lsd.ic.unicamp.br, gnu.org}
