I think we should allow smbd to search all directories if this is the
case. Alternatively we can have system-config-samba generate policy for
this on the fly, and alert the user, but that will be a pain, and seems
unnecessary.
Maybe have system-config-samba make sure the directory is properly
labeled with mnt_t or samba_share_t?
I think Eric's point was that smbd needs directory search access on the
entire path to the directory. I haven't verified that this is correct,
but from past experience I suspect it's true. Labeling everything on the
path as samba_share_t or mnt_t is usually not possible.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
