search for: smbd_t

...nt_rw_t '/myrootfolder(/.*)?' restorecon -R -v /myrootfolder After that I can indeed create, write and update files anywhere in the share and its subfolders, I can also delete folders, but I cannot create or rename folders though! sesearch --allow -C | grep samba_export_all_rw: DT allow smbd_t noxattrfs : file { ioctl read getattr lock open } ; [ samba_export_all_rw ] DT allow smbd_t noxattrfs : dir { getattr search open } ; [ samba_export_all_rw ] DT allow smbd_t non_security_file_type : file { ioctl read write create getattr setattr lock append unlink link rename open } ; [ samba_e...

...found on the website. The nmbd starts fine, but smbd never starts, and in the kernel log, I get the following message.... "<5>audit(1194957676.859:270): avc: denied { write } for pid=14000 comm="smbd" name="secrets.tdb" dev=hda2 ino=2490462 scontext=root:system_r:smbd_t:s0 tconte xt=root:object_r:etc_t:s0 tclass=file <5>audit(1194957768.575:272): avc: denied { write } for pid=14025 comm="smbd" name="secrets.tdb" dev=hda2 ino=2490462 scontext=root:system_r:smbd_t:s0 tconte xt=root:object_r:etc_t:s0 tclass=file <5>audit(1194957793...

...bd runs as "root", doesn't it?) Is this maybe a SELinux setting problem? # tail /var/log/audit/audit.log (only at the new VM) type=AVC msg=audit(1303720863.712:53): avc: denied { search } for pid=6737 comm="smbd" name="/" dev=sda3 ino=2 scontext=user_u:system_r:smbd_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1303720863.712:53): arch=c000003e syscall=4 success=no exit=-13 a0=2b79380c9620 a1=7fff35dfe9f0 a2=7fff35dfe9f0 a3=ea items=0 ppid=6543 pid=6737 auid=500 uid=500 gid=0 euid=500 suid=0 fsuid=500 egid=500 sgid=0 fsgid=500...

...k, but I keep seeing this message on the active console. I have no idea where it comes from nor what it means. type=1400 audit(1260446462.444:9): avc: denied { getattr } for pid=2200 comm="smbd" path="/proc/sys/fs/binfmt_misc" dev=binfmt_misc ino=4348 scontext=root:system_r:smbd_t:s0 tcontext=system_u:object_r:binfmt_misc_fs_t:s0 tclass=dir What is it, what is triggering it and how do I fix it? Thanks, Bob McConnell N2SPP

.... Fine; this is documented in samba_selinux(8). However, I still see the following in my /var/log/audit/audit.log file: type=AVC msg=audit(1200895451.310:1231): avc: denied { rename } for pid=24854 comm="smbd" name="smbd.log" dev=dm-0 ino=14254108 scontext=user_u:system_r:smbd_t:s0 tcontext=user_u:object_r:samba_log_t:s0 tclass=file type=SYSCALL msg=audit(1200895451.310:1231): arch=40000003 syscall=38 success=no exit=-13 a0=6155e0 a1=bfb8bf08 a2=60da4c a3=bfb8bf08 items=0 ppid=24848 pid=24854 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) com...

...t2allow -m samba4local > samba4local.te I edited the samba4local.te file to remove the unwanted commentary. The result looked like this: ---***--- module samba4local 1.0; require { type initrc_t; type named_t; type named_var_run_t; type ntpd_t; type ntpd_var_run_t; type smbd_t; type samba_unconfined_script_exec_t; type urandom_device_t; type var_lock_t; class unix_stream_socket connectto; class unix_dgram_socket sendto; class sock_file write; class chr_file write; class file { read write getattr open lock }; class dir { read search };...

...e_data: write failure in writing to client 192.168.0.56. Error Connection reset by peer syslog(kern.debug): May 22 16:57:37 server kernel: audit(1179827857.498:149): avc: denied { write } for pid=10734 comm="smbd" name="log" dev=tmpfs ino=24665 scontext=system_u:system_r:smbd_t:s0 tcontext=root:object_r:device_t:s0 tclass=sock_file Please, help. Philipp.

...ermission denied Jul 24 10:28:19 bf1 smbd[29486]: [2006/07/24 10:28:19, 0] smbd/service.c:make_connection_snum(911) Jul 24 10:28:19 bf1 kernel: audit(1153729699.546:3271): avc: denied { search } for pid=29486 comm="smbd" name="www" dev=dm-0 ino=13795428 scontext=root:system_r:smbd_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir Jul 24 10:28:19 bf1 smbd[29486]: '/var/www/html' does not exist or permission denied when connecting to [netadsdev] Error was Permission denied I would realy appreciate any help here Thanks Fanie Smith

At the risk of angering the crash Gods, my sustem has NOT crashed again since I downgraded the kernel from 2.6.18-1.2239.fc5 to 2.6.18-1.2200.fc5. Given that newfound stability, and my lack of time, I'm going to put on hold any further diagnostics, until the next kernel revision is released. I have submitted a report at bugzilla.redhat.com (bug 218128). (Ah, nuts; accidentally created a