Re: SELinux enforcing, an external ntfs-3g mount, Samba and Fedora 8

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Craig,

Craig Niederberger wrote:
Hi Fedora SELinux gurus, question from a very perplexed newbie.

I'm trying to access an external ntfs-3g drive from vmware on Fedora,
with the drive seen through vmware as a networked samba drive.  I have
Fedora 8 as the host, VMware Workstation 6.0.2 with Windows XP Pro as
the guest OS, and SELinux set to enforcing.

I have the host visible as a networked drive in My Network Places on
the guest, and can access files in my Fedora 8 home directory, so
SELinux is at least allowing that.

The external ntfs-3g drive that I'd like to also access is visible in
My Network Places on the guest. However, whenever I click on it, I get
an SELinux AVC Denial, which says SELinux is preventing the samba
daemon from serving r/o local files to remote clients, and tells me
that I need to turn on the samba_export_all_ro boolean, which is
already on.

The raw audit message that I get in the SELinux popup is:
avc: denied { read } for comm=smbd dev=sdd1 name=/ pid=4347
scontext=system_u:system_r:smbd_t:s0 tclass=dir
tcontext=system_u:object_r:fusefs_t:s0

I have mounted the ntfs-3g drive so that it matches the ownership of
my home drive, e.g. the fstab entry is:
/dev/sdd1 /mnt/media ntfs-3g rw,locale=en_US.utf8,uid=500,gid=1000 0 0

Did you tried to mount your drive with proper context?

/dev/sdd1 /mnt/media ntfs-3g rw,locale=en_US.utf8,uid=500,gid=1000,context=system_u:system_r:samba_share_t 0 0

$ ls -al media
total 233
drwxrwxrwx 1 craign family 4096 2007-12-12 23:04 .
drwxr-xr-x 6 root root 4096 2007-12-02 14:13 ..
drwxrwxrwx 1 craign family 0 2007-09-16 11:31 Craig
...

Can anyone help?

Many TIA,
Craig

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

Cheers,
Josef Kubin

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux