On Wed, 2008-07-30 at 12:18 +0100, Paul Howarth wrote: > The underlying problem is that "mount", when run confined by SELinux, is > only allowed to mount filesystems on mount points that have specific > context types, such as mnt_t. If you set up your partitioning at install > time, the installer generally sets the context types of the directories > to be used as mount points correctly. However, if you change your > filesystem arrangement at a later date then the mount point directory > you're using will probably have some other context type, such as > mail_spool_t in this case, which mount isn't normally allowed to use as > a mount point, and you get the AVC denials and failure to mount as a > result. The fix is simply to label the mount point directory > appropriately for a mount point. setsebool -P allow_mount_anyfile 1 should let him mount without any labeling changes right? You should be able to find this boolean in system-config-selinux and setroubleshoot should have suggested toggling this boolean. -Eric -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
