|
Le Thursday, November 3, 2016 12:42:27 PM CET Bill shirley a écrit : > I'm getting an AVC in the boot process when systemd tries to mount a drive. > It's too early in the boot process for it to be in > /var/log/audit/audit.log. I don't speak AVC well enough to generate a > rule without the log entry: Nov 03 10:31:05 c3po.example.com audit[1]: AVC > avc: denied { read } for pid=1 comm="systemd" name="lan" dev="dm-0" > ino=100732081 scontext=system_u:system_r:init_t:s0 > tcontext=system_u:object_r:samba_share_t:s0 tclass=dir permissive=0 > > [0:root@c3po shorewall 2]$ ls -ldZ /lan > drwxr-xr-x. 4 root root system_u:object_r:samba_share_t:s0 37 Jan 15 2011 > /lan
Why has that directory the file context `system_u:object_r:samba_share_t:s0`?
I think you should change it to `system_u:object_r:mnt_t:s0` (similar to the default context of the /mnt directory).
-- Laurent Rineau http://fedoraproject.org/wiki/LaurentRineau
|
_______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
