[linux-cifs-client] Issue with mount.cifs BUT ONLY on RAID volumes... selinux on

RogerSalisbury rojee at exemail.com.au
Sun Sep 16 05:15:20 GMT 2007 

OK NOW

relabled again the whole system & it worked on the raid0 machine.


RogerSalisbury wrote:
> 
> 
> WIERD -- WIERD 
> works on one machine but not the other
> 
> OK tried All this new info OUT.
> 
> The machine with RAID0  still doesn't work.
> sealert says to "chcon -R -t samba_share_t /dir"  
> BUT
> still doesn't work!
> the /dir was a /dev/md0 mount !
> 
> Should I disable selinux ... samba mount the dir & then  "chcon -R -t
> samba_share_t /dir". 
> 
> also created a new local policy from the entire audit.log with
> "audit2allow -M local" .
> 
> also samba_enable_home_dirs  is on 
> 
> So -- WIERD -- WIERD 
> 
> 
> the error message suggest a very low level problem
> 
> "no such device or address"
> 
> IE a  DEVICE  issue .... 
> 
> 
> 
> 
> The machine with RAID1 ---
> 
>  sealert suggested
> 
>  "setsebool -P smbd_disable_trans=1"
> 
> & that worked.
> 
> Thanks for all your help simo
> 
> Roger
> ________________________________________________________
> 
> simo-7 wrote:
>> 
>> On Sat, 2007-09-15 at 08:31 -0700, RogerSalisbury wrote:
>>> This seems to be an SELINUX issue.
>>> 
>>> Failing to mount on raid volumes ONLY &  only when selinux is
>>> enforcing.
>>> 
>>> selinux  messages are lacking & show no such violation
>>> in /var/log/messages.
>> 
>> SELinux should lo in /var/log/audit/audit.log
>> 
>> You can use audit2allow to convert the AVC messages there into a policy
>> to allow these operations.
>> 
>> However if you just want to share a new mount point, all you have to do
>> is to mark the files in there as samba_share_t with the following
>> command:
>> chcon -R -t samba_share_t DIR
>> where DIR is the (mounted) filesystem root.
>> 
>> Use ls -Z to see if they are correctly labeled.
>> 
>> 
>> Other bools you may enable wrt samba are:
>> samba_enable_home_dirs
>> samba_export_all_ro
>> samba_export_all_rw
>> use_samba_home_dirs
>> 
>> you can get the complete list for your system with:
>> getsebool -a |grep samba
>> 
>> setting any of them is as easy as:
>> setsebool <opt-name> on
>> (use -P to make it persistent across reboots)
>> 
>> 
>> 
>> RTM: chcon, etsebool, setsebool, audit2allow
>> 
>> 
>> Simo.
>> 
>> -- 
>> Simo Sorce
>> Samba Team GPL Compliance Officer
>> email: idra at samba.org
>> http://samba.org
>> 
>> _______________________________________________
>> linux-cifs-client mailing list
>> linux-cifs-client at lists.samba.org
>> https://lists.samba.org/mailman/listinfo/linux-cifs-client
>> 
>> 
> 
> 



-- 
View this message in context: http://www.nabble.com/Issue-with-mount.cifs-BUT-ONLY-on-RAID-volumes...-selinux-on-tf4448043.html#a12696827
Sent from the Samba - linux-cifs-client mailing list archive at Nabble.com.

More information about the linux-cifs-client mailing list