On Sat, 2007-12-08 at 11:41 -0500, Johnny Tan wrote: > I have a NFS mount that I want apache to be able to serve > files from. > > According to this doc: > http://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/en-US/RHEL510/Deployment_Guide/ch45s02s03.html > > I should be able to mount it with a context that will allow > apache to access it. > > But when I try the suggested command: > > [root@vm-37:~] mount -t nfs -o \ > context=system_u:object_r:httpd_sys_content_t \ > 192.168.1.100:/data/test /mnt/test > > It *does* mount, but when I do: > [root@vm-37:~]# ls -lZ /mnt > drwxr-xr-x 65534 65534 system_u:object_r:nfs_t test > > It doesn't show the correct context. > > (I don't know if it matters that I don't have a user with > UID 65534, only the remote NFS server has that.) Do you have /data/test mounted somewhere else at the same time? Or maybe /data is the actual export from the server and you have /data/some_other_dir mounted somewhere else? If it is case #1 you are going to have to mount it the first time with the context= option. We can't have one mount using !context= and the other mount having context=. Just a way the software works. If it is case #2 it might work by mounting it with nosharecache (not sure if you have to do that on both mounts....) If it is neither of these cases can you file a RH bugzilla clearly explaining your versions of everything, how the server exports things, and what else the client has mounted at the time? -Eric -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
