[linux-cifs-client] Issue with mount.cifs BUT ONLY on RAID volumes... selinux on

RogerSalisbury rojee at exemail.com.au
Sun Sep 16 05:02:03 GMT 2007 


WIERD -- WIERD 
works on one machine but not the other

OK tried All this new info OUT.

The machine with RAID0  still doesn't work.
sealert says to "chcon -R -t samba_share_t /dir"  
BUT
still doesn't work!
the /dir was a /dev/md0 mount !

Should I disable selinux ... samba mount the dir & then  "chcon -R -t
samba_share_t /dir". 

also created a new local policy from the entire audit.log with "audit2allow
-M local" .

also samba_enable_home_dirs  is on 

So -- WIERD -- WIERD 


the error message suggest a very low level problem

"no such device or address"

IE a  DEVICE  issue .... 




The machine with RAID1 ---

 sealert suggested

 "setsebool -P smbd_disable_trans=1"

& that worked.

Thanks for all your help simo

Roger
________________________________________________________

simo-7 wrote:
> 
> On Sat, 2007-09-15 at 08:31 -0700, RogerSalisbury wrote:
>> This seems to be an SELINUX issue.
>> 
>> Failing to mount on raid volumes ONLY &  only when selinux is
>> enforcing.
>> 
>> selinux  messages are lacking & show no such violation
>> in /var/log/messages.
> 
> SELinux should lo in /var/log/audit/audit.log
> 
> You can use audit2allow to convert the AVC messages there into a policy
> to allow these operations.
> 
> However if you just want to share a new mount point, all you have to do
> is to mark the files in there as samba_share_t with the following
> command:
> chcon -R -t samba_share_t DIR
> where DIR is the (mounted) filesystem root.
> 
> Use ls -Z to see if they are correctly labeled.
> 
> 
> Other bools you may enable wrt samba are:
> samba_enable_home_dirs
> samba_export_all_ro
> samba_export_all_rw
> use_samba_home_dirs
> 
> you can get the complete list for your system with:
> getsebool -a |grep samba
> 
> setting any of them is as easy as:
> setsebool <opt-name> on
> (use -P to make it persistent across reboots)
> 
> 
> 
> RTM: chcon, etsebool, setsebool, audit2allow
> 
> 
> Simo.
> 
> -- 
> Simo Sorce
> Samba Team GPL Compliance Officer
> email: idra at samba.org
> http://samba.org
> 
> _______________________________________________
> linux-cifs-client mailing list
> linux-cifs-client at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux-cifs-client
> 
> 



-- 
View this message in context: http://www.nabble.com/Issue-with-mount.cifs-BUT-ONLY-on-RAID-volumes...-selinux-on-tf4448043.html#a12696776
Sent from the Samba - linux-cifs-client mailing list archive at Nabble.com.

More information about the linux-cifs-client mailing list