Displaying 20 results from an estimated 3000 matches similar to: "ARGH... once again samba causes "permission" errors. SOLVED"
2008 Jul 13
1
Can an ISO be specified allow mount "setsebool -P allow_mount_iso=1" insted of "setsebool -P allow_mount_anyfile=1" SE context samba share
Summary:
SELinux prevented mount from mounting on the file or directory
"./Fedora-9-Everything-i386-DVD1.iso" (type "samba_share_t").
Detailed Description:
SELinux prevented mount from mounting a filesystem on the file or
directory
"./Fedora-9-Everything-i386-DVD1.iso" of type "samba_share_t". By
default
SELinux limits the mounting of filesystems to only
2016 Jul 06
2
How to have more than on SELinux context on a directory
> If I understand well, I could add a type to another type?!?!?!
No.
The default targeted policy is mostly about Type Enforcement. Quote from
the manual:
"All files and processes are labeled with a type: types define a SELinux
domain for processes and a SELinux type for files. SELinux policy rules
define how types access each other, whether it be a domain accessing a
type, or a
2016 Jul 07
2
How to have more than on SELinux context on a directory
On 06/07/16 21:17, Bernard Fay wrote:
> I can access /depot/tftp from a tftp client but unable to do it from a
> Windows client as long as SELinux is enforced. If SELinux is permissive I
> can access it then I know Samba is properly configured.
>
> # getenforce
> Enforcing
> # ls -dZ /depot/tftp/
> drwxrwxrwx. root root system_u:object_r:tftpdir_rw_t:s0 /depot/tftp/
>
2017 Sep 23
2
more selinux problems ...
Hi,
how do I allow lighttpd access to a directory like this:
dr-xrwxr-x. lighttpd example unconfined_u:object_r:samba_share_t:s0 files_articles
I tried to create and install a selinux module, and it didn?t work.
The non-working module can not be removed, either:
semodule -r lighttpd-files_articles.pp
libsemanage.semanage_direct_remove_key: Unable to remove module lighttpd-files_articles.pp at
2016 Jul 06
0
How to have more than on SELinux context on a directory
I can access /depot/tftp from a tftp client but unable to do it from a
Windows client as long as SELinux is enforced. If SELinux is permissive I
can access it then I know Samba is properly configured.
# getenforce
Enforcing
# ls -dZ /depot/tftp/
drwxrwxrwx. root root system_u:object_r:tftpdir_rw_t:s0 /depot/tftp/
And if I do it the other way around, give the directory a type
samba_share_t then
2009 Mar 19
1
SELinux - different context on subdirectories
Hi all,
I have created a directory /srv with the following SELinux context:
system_u:object_r:var_t
Now I want to create a subdirectory within /srv which should get a
different context. So I tried to set e.g.:
semanage fcontext -a -t samba_share_t /srv/samba
/sbin/restorecon -v /srv/samba
but the context is always reset to:
system_u:object_r:var_t
What am I missing?
Best Regards
Marcus
2016 Feb 29
0
Odd selinux complaints on new, fully updated CentOS 7
Just installed 7.2, and I'm seeing this - is this a bug in the policy?
**************************
SELinux is preventing systemd-readahe from add_name access on the
directory .readahead.new.
***** Plugin catchall_labels (83.8 confidence) suggests
*******************
If you want to allow systemd-readahe to have add_name access on the
.readahead.new directory
Then you need to change the
2007 Jan 26
0
Dovecot POP3 fails to chdir under FC6
I started the Dovecot POP3 server under Fedora Core 6 (rpm
dovecot-1.0-1.1.rc15.fc6),
but some users couldn't connect, with /var/log/maillog show the message
Jan 24 13:20:00 mmace dovecot: chdir(/branch/home/mmace) failed with uid
205: Permission denied
Jan 24 13:20:00 mmace dovecot: child 18792 (pop3) returned error 89
(I had already edited first_valid_UID in /etc/dovecot.conf to allow
2016 Jul 08
0
How to have more than on SELinux context on a directory
Thanks Fabian,
That's what I need! A bit more open than I wish but it is ok.
One more thing... I got some problems to get the man page for
tftpd_selinux.
[ ]$ yum search tftpd_selinux
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
Warning: No matches found for: tftpd_selinux
No matches found
[ ~]$ yum provides tftpd_selinux
Loaded plugins: fastestmirror, langpacks
2016 Dec 30
3
CentOS 7 samba server + mac client problems
We?ve just started to try to configure a new CentOS 7 disk server, and NFS seems OK so far, but I?m having problems with smb mounts to a Mac OS X client.
I have the [homes] section as usual, and some additional shares restricted to specific users, but none seem to work. I know I?m authenticating OK (both from the smbd logs and because when I type the wrong password the Mac?s behavior is
2011 Jun 09
0
Samba on RHEL 6: Permission denied when mounting FUSE partition
Hello,
I am successfully connecting my Windows box to a RHEL 5 over SMB. This works for both mounting a regular share as well as (my own implementation of) a FUSE mountpoint.
On RHEL 6 I can only mount a regular share, but not a FUSE mountpoint. I am getting a Permission Denied error.
On both machines I have disabled firewall and I set SELinux to permissive.
Does anybody know why this
2017 May 04
4
Centos 7 Samba - all shares read only
I few weeks back my server started having a problem where all shares are now
readonly. AFAIK nothing has changed except a 'yum update' which was probably
around the same time.
Everyone still has the shares on their Win7 PC's and can see the contents.
However, if they try to open a file it opens read only. If the try to create
a new file (e.g. right click -> New -> Text
2012 Dec 27
4
Samba vs. Firewall and/or SELinux
Hi all.
I created a smb-share on my el6 for all windows-pcs in my
home-network (I'm the only Linux-User in my family) for sharing all the
stuff we have, like music and videos and documents. The share will be
shown on the other pcs (Windows XP), but they can't open it. The
error-message ist "Share not found" on our preferred language of course!
SELINUX-CONFIG
sh-4.1# cat
2018 May 04
4
Samba HOWTO wiki bug: chcon samba_share_t
In this wiki article:
https://wiki.centos.org/HowTos/SetUpSamba
?there is a command down in section 2 that gives an error here on CentOS 7:
$ sudo semanage fcontext ?at samba_share_t /path/to/share
?noise noise noise?
semanage: error: unrecognized arguments: samba_share_t /path/to/share
That and the following restorecon command can be replaced by a single shorter command, which
2016 Jul 05
4
How to have more than on SELinux context on a directory
????????? ???????? ????? 2016-07-05 19:58:
>> I need to have the tftpdir_rw_t and samba_share_t SELinux context
>> on
>> the same directory.
>>
>> How can we do this? Is it feasible to have more than one SELinux
>> context?
>
> I don't think it's possible/feasible.
> You'd probably need to add a new type and necessary rules to your
2018 May 04
2
Samba HOWTO wiki bug: chcon samba_share_t
On May 4, 2018, at 5:13 PM, Gordon Messmer <gordon.messmer at gmail.com> wrote:
>
> On 05/04/2018 12:03 PM, Warren Young wrote:
>> ?there is a command down in section 2 that gives an error here on CentOS 7:
>>
>> $ sudo semanage fcontext ?at samba_share_t /path/to/share
>> ?noise noise noise?
>> semanage: error: unrecognized arguments:
2017 Jan 03
0
CentOS 7 samba server + mac client problems
Only Mac clients are affected? Have you tested a Linux (e.g. Fedora 25
live OS would do) client?
It's necessary for all files to have selinux context
system_u:object_r:samba_share_t:s0. You can either user chcon -R to
apply it recursively to a particular directory you're sharing, or if
it's an entire (dedicated) volume, you can apply it volume wide with a
mount option, 'mount -o
2017 Jan 03
1
CentOS 7 samba server + mac client problems
> On Jan 3, 2017, at 1:24 PM, Chris Murphy <lists at colorremedies.com> wrote:
>
> Only Mac clients are affected? Have you tested a Linux (e.g. Fedora 25
> live OS would do) client?
>
> It's necessary for all files to have selinux context
> system_u:object_r:samba_share_t:s0. You can either user chcon -R to
> apply it recursively to a particular directory
2017 May 04
0
Centos 7 Samba - all shares read only
Pretty sure smb gets "control" of a directory via the group. For my
setup, each directory defined by a path in smb.conf has group
smbusers, and has rwx permissions. This is applied just to that
directory, it is not applied recursively. The files and folders in
that directory have the actual remote user's ownership and
permissions.
What is applied recursively is the selinux label. I
2018 May 04
2
Samba HOWTO wiki bug: chcon samba_share_t
On May 4, 2018, at 3:03 PM, Akemi Yagi <amyagi at gmail.com> wrote:
>
> On Fri, May 4, 2018 at 12:03 PM, Warren Young <warren at etr-usa.com> wrote:
>>
>> $ sudo chcon -R -t samba_share_t /path/to/share
>
> Updated the page as suggested. Thanks.
Thanks!
I now see another instance of this in section 3. Instead of copying the text verbatim, it should