What is / labeled? In order for smbd to even get to /data/samba it has
to be able to search on / and /data. Check out 'ls -Zd /' and 'ls -
Zd /data' and make sure they are of types smbd can search. My first
guess is that / is labeled wrong (I think it sholud be
system_u:object_r:root_t)
-Eric
On Sat, 2006-02-25 at 23:04 -0500, Louis E Garcia II wrote:
> I am setting up an FC4 samba server and can't get my shares accessed.
> With selinux off samba works normally.
>
> I have created a dir:
> drwxrwsrwx root root
> system_u:object_r:samba_share_t /data/public
>
> The is the error I get:
>
> type=AVC msg=audit(1140923608.645:86): avc: denied { search } for
> pid=3338 comm="smbd" name="/" dev=hda5 ino=2
> scontext=root:system_r:smbd_t tcontext=system_u:object_r:default_t
> tclass=dir
> type=SYSCALL msg=audit(1140923608.645:86): arch=40000003 syscall=195
> success=no exit=-13 a0=88b85f8 a1=bff9aec4 a2=7fbff4 a3=bff9aec4 items=1
> pid=3338 auid=500 uid=502 gid=0 euid=502 suid=0 fsuid=502 egid=100
> sgid=100 fsgid=100 comm="smbd" exe="/usr/sbin/smbd"
> type=CWD msg=audit(1140923608.645:86): cwd="/"
> type=PATH msg=audit(1140923608.645:86): item=0 name="/data/public"
> flags=1 inode=2 dev=03:05 mode=040755 ouid=0 ogid=0 rdev=00:00
>
> why does smbd_t want access to default_t when the dir is labeled
> samba_share_t?
>
> Does smbd_t have access to samba_share_t by default?
>
> Any advise, --Louis
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
