Dan Thurman wrote:
On Thursday 10 January 2008 05:06:51 pm Daniel B. Thurman wrote:
When one adds a samba share via /etc/fstab and using as an entry:
credentials=/etc/share/auth.smb in the options field
This file contains sensitive username/password data, has a samba_etc_t type
but on reboot, SELinux does not allow the mount.cifs program to read fstab
entries containing the credentials mount options and produces an error 13
message during the loading of the services. The result is that the mount
has failed and must be remounted manually as a root user after the system
comes up.
The logs show:
type=AVC msg=audit(1200012700.796:14): avc: denied { read } for
pid=2528 comm="mount.cifs" name="auth.smb" dev=sda5 ino=788340
scontext=system_u:system_r:mount_t:s0
tcontext=system_u:object_r:samba_etc_t:s0 tclass=file
Should I simply attempt to chcon -t mount_t /etc/samba.auth.smb or should
this be handled differently?
Thanks-
Dan
Oops. It should have said: /etc/samba/auth.smb
Try setting the allow_mount_anyfile boolean.
# setsebool -P allow_mount_anyfile 1
Paul.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list