wrt inotify problem

simo idra at samba.org
Tue Apr 10 16:26:59 GMT 2007


On Tue, 2007-04-10 at 18:20 +0200, Volker Lendecke wrote:
> On Tue, Apr 10, 2007 at 12:17:58PM -0400, simo wrote:
> > > Ok, this is really broken. SELinux allows us to set up
> > > everything necessary for inotify but then when something
> > > happens gives us an access denied? Very weird. Trying to
> > > find a fix.
> > 
> > Yes I think this is what happens, I will have a fixed policy tomorrow
> > hopefully.
> 
> We need to handle this with the default SELinux policy on
> all the FC boxes around. I don't want to add 'please disable
> SELinux' as a comment a thousand times to bugzilla as it has
> happened with the nis+ crash.

That's why dwalsh will push a fix tomorrow hopefully.

After the push an updated machine will have no problems.
There are many other things I have been working on to make sane policies
for samba. In FC7 the experience should be much better.
Right now I am running always with SELinux enforcing and 3.0.24 was
perfectly happy after my last week work with Dan on the policies.

If you have any non-working case for FC6/FC7 let me know and I will make
sure policies are updated.

If the machine policies are not updated there are many cases where samba
simply breaks for non trivial configurations, and there is nothing you
can except disabling SELinux if a policy update is refused.

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer
email: idra at samba.org
http://samba.org



More information about the samba-technical mailing list