CURSES!! If it weren't for those damn kids I would have gotten away with
it too...
-------- Original Message --------
Subject: Re: Can't export samba share
Date: Mon, 21 Jul 2008 11:38:06 -0400
From: max <maximilianbianco@xxxxxxxxx>
To: Steve Blackwell <zephod@xxxxxxxxxx>
References: <20080721105041.1fd67e05@xxxxxxxxxxxxxxx>
<4884AA94.1010409@xxxxxxxxx>
max wrote:
Steve Blackwell wrote:
I have a dual boot F8/XP machine and I want to export, via samba, the
NTFS partition so that I can use it to back up my wife's Vista machine.
It seems that selinux is preventing this from happening. Here is the
summary message from setroubleshoot:
SELinux is preventing the samba daemon from serving r/o local files to
remote clients.
and the Allowing Access section says:
If you want to export file systems using samba you need to turn on the
samba_export_all_ro boolean: "setsebool -P samba_export_all_ro=1". The
following command will allow this access:setsebool -P
samba_export_all_ro=1
There seems to be 2 problems here; 1) The filesystem that I'm trying to
export is read-write not read-only and 2) I have already set
samba_export_all_ro=1. In fact I also set samba_export_all_rw=1 and I
even set samba_run_unconfined=1 and I still get the same messages.
I would try setting samba_export_all_ro=0, leave samba_export_all_rw=1
Those two settings will conflict and denials should always win out over
allows.
Just to be clear. I am saying where two settings conflict a denial
should not be surprising, it makes good sense, at least to me.
I am not sure you need samba_run_unconfined here either.
Checkout man ausearch, this can help pull all the AVC's related to this
together, it has many search options. It is worth reading.
Max
--
Fortune favors the BOLD
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
