On Mon, 2006-11-06 at 21:52 -0800, Knute Johnson wrote: > I'm setting up a samba share on my new FC6 install that will be > public with no password required. Just like an unmolested Windows > share. > > I found an article that said to put the selinux context description > in /etc/selinux/targeted/contexts/files/file_contexts.local. > > My shared directory is /var/share. I put the line: > > /var/share(/.*)? system_u:object_r:samba_share_t > > in that file. > > Is this the correct way to make this change and make it permanent? > Will this do what it is supposed to do? Since FC5 the way to do this is not by editing file_contexts.local but by using semanage: # semanage fcontext -a -t samba_share_t '/var/share(/.*)?' Having changed policy by doing this, the context types of the files themselves still need changing: # restorecon -r /var/share > This is selinux related but why does the directory have to be world > executable to make this work? Directories need to be executable in order to list their contents, don't they? Paul. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
