[Samba] Public shares in FC4 (update)
Don Meyer
dlmeyer at uiuc.edu
Sun Feb 26 05:43:36 GMT 2006
Look at your AVC error (below) -- to paraphrase, avc denied search
for smbd for the name "/". That is running into a problem accessing
(traversing) the root directory. Hence the need to allow "search"
on default_t.
At 09:30 PM 2/25/2006, Louis E Garcia II wrote:
>I spoke to soon. I am able to get samba working with this but not sure
>if it's correct.
>
>allow smbd_t default_t:dir search;
>
>Would it be better: allow smbd_t samba_share_t:dir search;
>
>and relabel:
>drwxrwsrwx root root system_u:object_r:samba_share_t public
>
>This seems more secure to me but doesn't work. I still get:
>
>type=AVC msg=audit(1140923608.645:86): avc: denied { search } for
>pid=3338 comm="smbd" name="/" dev=hda5 ino=2
>scontext=root:system_r:smbd_t tcontext=system_u:object_r:default_t
>tclass=dir
>...
>why does smbd_t still see system_u:object_t:default_t
>
Don Meyer <dlmeyer at uiuc.edu>
Network Manager, ACES Academic Computing Facility
Technical System Manager, ACES TeleNet System
UIUC College of ACES, Information Technology and Communication Services
"They that can give up essential liberty to obtain a little
temporary safety,
deserve neither liberty or safety." -- Benjamin Franklin, 1759
More information about the samba
mailing list