When one adds a samba share via /etc/fstab and using as an entry:
credentials=/etc/share/auth.smb in the options field
This file contains sensitive username/password data, has a samba_etc_t type
but on reboot, SELinux does not allow the mount.cifs program to read fstab
entries containing the credentials mount options and produces an error 13
message during the loading of the services. The result is that the mount has
failed and must be remounted manually as a root user after the system comes
up.
The logs show:
type=AVC msg=audit(1200012700.796:14): avc: denied { read } for
pid=2528 comm="mount.cifs" name="auth.smb" dev=sda5 ino=788340
scontext=system_u:system_r:mount_t:s0
tcontext=system_u:object_r:samba_etc_t:s0 tclass=file
Should I simply attempt to chcon -t mount_t /etc/samba.auth.smb or should this
be handled differently?
Thanks-
Dan
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
