Displaying 20 results from an estimated 8000 matches similar to: "SELinux settings for directory shared via NFS and samba?"
2019 Jul 19
1
SELinux settings for directory shared via NFS and samba?
> On Jul 19, 2019, at 8:27 AM, Leon Fauster via CentOS <centos at centos.org> wrote:
>
> Am 19.07.2019 um 14:51 schrieb hw <hw at gc-24.de>:
>> Hi,
>>
>> what do I need to do to share the same directory with both NFS and samba?
>> SElinux requires 'samba_share_t' for samba and 'nfs_t' for NFS, and AFAIC
>> I can't set both at
2019 Jul 19
0
SELinux settings for directory shared via NFS and samba?
Am 19.07.2019 um 14:51 schrieb hw <hw at gc-24.de>:
> Hi,
>
> what do I need to do to share the same directory with both NFS and samba?
> SElinux requires 'samba_share_t' for samba and 'nfs_t' for NFS, and AFAIC
> I can't set both at the same time on a directory.
Maybe samba_share_nfs boolean? (not tested)
--
LF
2016 Jul 06
2
How to have more than on SELinux context on a directory
> If I understand well, I could add a type to another type?!?!?!
No.
The default targeted policy is mostly about Type Enforcement. Quote from
the manual:
"All files and processes are labeled with a type: types define a SELinux
domain for processes and a SELinux type for files. SELinux policy rules
define how types access each other, whether it be a domain accessing a
type, or a
2016 Jul 07
2
How to have more than on SELinux context on a directory
On 06/07/16 21:17, Bernard Fay wrote:
> I can access /depot/tftp from a tftp client but unable to do it from a
> Windows client as long as SELinux is enforced. If SELinux is permissive I
> can access it then I know Samba is properly configured.
>
> # getenforce
> Enforcing
> # ls -dZ /depot/tftp/
> drwxrwxrwx. root root system_u:object_r:tftpdir_rw_t:s0 /depot/tftp/
>
2008 Oct 30
1
nfs mounted /home and selinux
I'm trying to set the context on an nfs mounted /home. I believe
exactly like in Redhat's Deployment Guide at
http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.2/html/Deployment_Guide/ch45s02s03.html
On my system running CentOS 5.2:
$ ls -alZ /home
drwxr-xr-x root root system_u:object_r:home_root_t .
drwxr-xr-x root root system_u:object_r:root_t ..
$ mount -t
2012 Feb 16
3
Baffled by selinux
Apache DocumentRoot on an NFS directory:
[root at localhost ~]# service httpd start
Starting httpd: Warning: DocumentRoot [/home/www/html] does not exist
Syntax error on line 292 of /etc/httpd/conf/httpd.conf:
DocumentRoot must be a directory
[FAILED]
[root at localhost ~]#
After some research, I found this (dated) link
2016 Jul 05
4
How to have more than on SELinux context on a directory
????????? ???????? ????? 2016-07-05 19:58:
>> I need to have the tftpdir_rw_t and samba_share_t SELinux context
>> on
>> the same directory.
>>
>> How can we do this? Is it feasible to have more than one SELinux
>> context?
>
> I don't think it's possible/feasible.
> You'd probably need to add a new type and necessary rules to your
2007 Dec 07
0
mounting nfs as httpd_sys_content_t under selinux
I have a NFS mount that I want apache to be able to serve
files from.
According to this doc:
http://www.centos.org/docs/5/html/5.1/Deployment_Guide/rhlcommon-section-0097.html
I should be able to mount it with a context that will allow
apache to access it.
But when I try the command they suggest:
[root at vm-37:~] mount -t nfs -o \
context=system_u:object_r:httpd_sys_content_t \
2017 Sep 23
2
more selinux problems ...
Hi,
how do I allow lighttpd access to a directory like this:
dr-xrwxr-x. lighttpd example unconfined_u:object_r:samba_share_t:s0 files_articles
I tried to create and install a selinux module, and it didn?t work.
The non-working module can not be removed, either:
semodule -r lighttpd-files_articles.pp
libsemanage.semanage_direct_remove_key: Unable to remove module lighttpd-files_articles.pp at
2010 Oct 15
1
NFS4 + SELinux
All test machines are CentOS 5.5 (RHEL subscriptions purchased).
We've had NFS3 storage working fine and decided to try NFS4.
We can mount an NFS4 share on our KVM host, but the SELinux file context on the mountpoint directory is magically changed from virt_image_t to nfs_t. Restorecon refuses to change it back.
Adding the mount option context=system_u:object_r:virt_image_t on either server
2014 Mar 31
2
Centos and Selinux issue
Hi list,
I'm new to Centos and I've a very small knowledge of selinux use.
I can disable it, but I prefer take it on for study.
I've a second mirrored device that I use for file sharing.
This is the scenario:
/dev/md2 mounted on /mnt/data
To make samba working I must set the file context to the path at
samba_share_t on /mnt/data. After this samba works.
Now I'm setting up
2016 Jul 05
3
How to have more than on SELinux context on a directory
Hello,
I need to have the tftpdir_rw_t and samba_share_t SELinux context on
the same directory.
How can we do this? Is it feasible to have more than one SELinux context?
Thanks,
Bernard
2014 Dec 17
4
selinux-policy update resets /etc/selinux/targeted/contexts/files/file_contexts?
Hi,
On an internal webserver (latest C6) I want smb-access to /var/www/html/
In april I did
chcon -R -t public_content_rw_t /var/www/html/
setsebool -P allow_smbd_anon_write 1
setsebool -P allow_httpd_anon_write 1
echo "/var/www/html/ -- unconfined_u:object_r:public_content_rw_t:s0" >> /etc/selinux/targeted/contexts/files/file_contexts
After the latest round
2016 Jul 08
0
How to have more than on SELinux context on a directory
Thanks Fabian,
That's what I need! A bit more open than I wish but it is ok.
One more thing... I got some problems to get the man page for
tftpd_selinux.
[ ]$ yum search tftpd_selinux
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
Warning: No matches found for: tftpd_selinux
No matches found
[ ~]$ yum provides tftpd_selinux
Loaded plugins: fastestmirror, langpacks
2015 Jun 20
2
puppet files denied by SELinux
Hey folks,
Ok so I'm having another issue with SELinux. However I think I'm pretty
close to a solution and just need a nudge in the right directtion.
I wrote a puppet module that gets systems into bacula backups. Part of the
formula is to distribute key/cert pairs with permissions that allow bacula
to read them so that bacula can talk to the host over TLS. It's pretty
slick, I must
2009 Mar 19
1
SELinux - different context on subdirectories
Hi all,
I have created a directory /srv with the following SELinux context:
system_u:object_r:var_t
Now I want to create a subdirectory within /srv which should get a
different context. So I tried to set e.g.:
semanage fcontext -a -t samba_share_t /srv/samba
/sbin/restorecon -v /srv/samba
but the context is always reset to:
system_u:object_r:var_t
What am I missing?
Best Regards
Marcus
2016 Sep 16
0
SELinux module
I do not want to disable SELinux at large but only for a directory and its
sub-directories.
On Fri, Sep 16, 2016 at 8:31 AM, Eddie G. O'Connor Jr. <eoconnor25 at gmail.com
> wrote:
> Not sure about most others, but I was always told that you never disable
> Selina. Of course that is in a business/corporate setting. If it's just
> you at home with a few servers? Then
2018 May 04
4
Samba HOWTO wiki bug: chcon samba_share_t
In this wiki article:
https://wiki.centos.org/HowTos/SetUpSamba
?there is a command down in section 2 that gives an error here on CentOS 7:
$ sudo semanage fcontext ?at samba_share_t /path/to/share
?noise noise noise?
semanage: error: unrecognized arguments: samba_share_t /path/to/share
That and the following restorecon command can be replaced by a single shorter command, which
2016 Sep 16
2
SELinux module
Hello everyone,
I have a problem with oddjob_mkhomedir on a NFS mount point. The actual
context is nfs_t
drwxr-xr-x. root root system_u:object_r:nfs_t:s0 users/
With this type, oddjob_mkhomedir cannot do is job of creating home user
directories.
In the logs, I found about creating a new module with audi2allow and
semodule:
[root@ audit]# sealert -l fe2d7f60-d3ff-405b-b518-38d0cf021598
2018 May 04
2
Samba HOWTO wiki bug: chcon samba_share_t
On May 4, 2018, at 5:13 PM, Gordon Messmer <gordon.messmer at gmail.com> wrote:
>
> On 05/04/2018 12:03 PM, Warren Young wrote:
>> ?there is a command down in section 2 that gives an error here on CentOS 7:
>>
>> $ sudo semanage fcontext ?at samba_share_t /path/to/share
>> ?noise noise noise?
>> semanage: error: unrecognized arguments: