-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All, ~ I have run into a problem with reading a credentials file from fstab at startup. I have been working with Dan Walsh and have at least a temporary resolution. Details of our e-mail conversation are below: The problem: I get Error 13 talking about access denied to the credentials file. If SELinux is sent to permissive, this is not an issue. I have tried 20 different searches on google, samba.org and several fedora sites to try to get the context required for the credentials file to be accessible to the startup scripts that process fstab. current SELinux context of credentials file: # ls -lZ /root/.smb/yyy - -rw-r----- root root system_u:object_r:user_home_t:s0 /root/.smb/yyy fstab entry: //mtc1-server/progs /media/mtc1-server/progs cifs ip=xxx.xxx.xxx.xxx,credentials=/root/.smb/yyy,uid=aaaa,gid=aaaa,file_mode=0664,dir_mode=0775 0 0 ~ If I use "su -" and manually mount the share, passing only the directory to the mount command, it completes with no errors. This is only an issue at startup. The Resolution: You should execute # grep mount_t /var/log/audit/audit.log | audit2allow -M mysamba # semodule -i mysamba.pp This will add the new rule. If anybody wants/needs more details, feel free to contact me. - -- Eric Anderson Communication Systems Engineer PLEXSYS Interface Products, Inc. E-mail: eric.anderson@xxxxxxxxxxxxxx Phone: (405) 734-6090 Fax: (405) 734-6153 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHoLLuZqXKXmrU3HIRAid1AJ0ZDQN3RnJSFQrEDlvhRsv89ZGfkQCeIiLa 4oJhf2TRRfM3T2xAToc+H0k= =0gZ4 -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
