|
On 05/24/14 01:02, toản cù wrote:
Hi all!
I just researching
policy in selinux and Samba , SELinux has policy module
separate for samba. I only know the label samba_share_t used
to share data when labeled in SELinux enforcing mode.
I want to use SELinux
further intervention on the issue of decentralization for
each user to access data on the samba. How the same file (*.
docx, *. txt), user1 can read, write but user2 is not.
And one more question:
in a group have different users the same access to the
samba. those users have some same rights, and some the right
different. example the rights to read,write on a file is
different. How to make a difference the rights between users
in the same group
Look forward your help!
Thanks!
--
Mr.Toan-Cu Xuan
School
of Electronics and Telecommunications
Hanoi
University of Science and Technology
1
Dai Co Viet, Ha noi, Viet nam.
Phone:
01656228762
Email:xuantoanbkfet@xxxxxxxxx
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
I don't think smbd spawns a new process when a new user logs in
(that's why we have 'force user'), so there's no way for SELinux to
identify the login user of the SMB service.
Otherwise what could've been done is set the umask to 077 and
inherit owner, inherit permissions to yes. So DAC whould've been
good enough for the purpose.
I dont remember how
|
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
