[linux-cifs-client] Issue with mount.cifs BUT ONLY on RAID
volumes... selinux on
RogerSalisbury
rojee at exemail.com.au
Sun Sep 16 05:15:20 GMT 2007
OK NOW
relabled again the whole system & it worked on the raid0 machine.
RogerSalisbury wrote:
>
>
> WIERD -- WIERD
> works on one machine but not the other
>
> OK tried All this new info OUT.
>
> The machine with RAID0 still doesn't work.
> sealert says to "chcon -R -t samba_share_t /dir"
> BUT
> still doesn't work!
> the /dir was a /dev/md0 mount !
>
> Should I disable selinux ... samba mount the dir & then "chcon -R -t
> samba_share_t /dir".
>
> also created a new local policy from the entire audit.log with
> "audit2allow -M local" .
>
> also samba_enable_home_dirs is on
>
> So -- WIERD -- WIERD
>
>
> the error message suggest a very low level problem
>
> "no such device or address"
>
> IE a DEVICE issue ....
>
>
>
>
> The machine with RAID1 ---
>
> sealert suggested
>
> "setsebool -P smbd_disable_trans=1"
>
> & that worked.
>
> Thanks for all your help simo
>
> Roger
> ________________________________________________________
>
> simo-7 wrote:
>>
>> On Sat, 2007-09-15 at 08:31 -0700, RogerSalisbury wrote:
>>> This seems to be an SELINUX issue.
>>>
>>> Failing to mount on raid volumes ONLY & only when selinux is
>>> enforcing.
>>>
>>> selinux messages are lacking & show no such violation
>>> in /var/log/messages.
>>
>> SELinux should lo in /var/log/audit/audit.log
>>
>> You can use audit2allow to convert the AVC messages there into a policy
>> to allow these operations.
>>
>> However if you just want to share a new mount point, all you have to do
>> is to mark the files in there as samba_share_t with the following
>> command:
>> chcon -R -t samba_share_t DIR
>> where DIR is the (mounted) filesystem root.
>>
>> Use ls -Z to see if they are correctly labeled.
>>
>>
>> Other bools you may enable wrt samba are:
>> samba_enable_home_dirs
>> samba_export_all_ro
>> samba_export_all_rw
>> use_samba_home_dirs
>>
>> you can get the complete list for your system with:
>> getsebool -a |grep samba
>>
>> setting any of them is as easy as:
>> setsebool <opt-name> on
>> (use -P to make it persistent across reboots)
>>
>>
>>
>> RTM: chcon, etsebool, setsebool, audit2allow
>>
>>
>> Simo.
>>
>> --
>> Simo Sorce
>> Samba Team GPL Compliance Officer
>> email: idra at samba.org
>> http://samba.org
>>
>> _______________________________________________
>> linux-cifs-client mailing list
>> linux-cifs-client at lists.samba.org
>> https://lists.samba.org/mailman/listinfo/linux-cifs-client
>>
>>
>
>
--
View this message in context: http://www.nabble.com/Issue-with-mount.cifs-BUT-ONLY-on-RAID-volumes...-selinux-on-tf4448043.html#a12696827
Sent from the Samba - linux-cifs-client mailing list archive at Nabble.com.
More information about the linux-cifs-client
mailing list