On 15/02/10 21:44, Shintaro Fujiwara wrote:
You can use semanage fcontext to set labeling for certain directories or files.Hi, I'm now making server at my office with f12. I'm moved by how easy SELinux became to configure anythinng after all these years. I have mounted HDs on /mnt/path or /media/path. The HDs are mounted on /mnt/path which reside valuable data inside, and on /media/path which has backup tar balls. The one on /mnt/path are shared data by samba so that some organization unit guys can read and write through network. First,I set #chmod 777 /mnt/path and this is just a test, so it's not controversial. Second, after I read smb.conf, and I found SELinux configuration telling to set path to samba_share_t by chcon. I made it and it was a success, I could read and write from network to /mnt/path. Next, I commanded, # restorecon -R -v /mnt and /mnt/path became mnt_t. In that, I failed both read nor write. I made local module by audit2allow and installed by semodule -i. Of course, I restoreconed. I failed again. I did # touch /.autorelabel # shutdown -r now I failed. security context of /mnt/path is still mnt_t. How can I set security context of /mnt/path to samba_share_t not using chcon ? Thanks in advance. ----SELinux tool----- http://sourceforge.net/projects/segatex/ -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
We have got some SElinux docs at docs.fedoraproject.org, if you are interested. Regards, Tristan -- Tristan Santore BSc MBCS TS4523-RIPE Network and Infrastructure Operations InterNexusConnect Mobile +44-78-55069812 Tristan.Santore@xxxxxxxxxxxxxxxxxxxxx Former Thawte Notary (Please note: Thawte has closed its WoT programme down, and I am therefor no longer able to accredit trust) For Fedora related issues, please email me at: TSantore@xxxxxxxxxxxxxxxxx
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
