LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-17-2007, 10:43 AM   #1
louisb
Member
 
Registered: Aug 2003
Posts: 132

Rep: Reputation: 15
RHEL 5 SELinux and NFS


I just installed RHEL 5 in a server configuration. I now want to apply NFS to the filesystems. However, when I applied NFS I now get an SELinux error message about the use of portmapper as follows:

SELinux is preventing /sbin/portmap (portmap_t) "read" access to inotify (inotifyfs_t).

As part of the message it does provide me with the command line syntax to disable SELinux security for NFS. For me that is not the answer. I want to create the appropriate policy to allow NFS to work properly within the SELinux model.

I've been reading since last night about how to create an SELinux policy. It's been very tough to understand how things work as well as how to create a SELinux security policy.

Does anyone have any experience using SELinux they'd like to share. Where can I go to find out more information about how to create an SELinux Policy?

I'm finding it very tough to understand things so far, but I'll keep trying.

Thanks
 
Old 08-17-2007, 10:59 AM   #2
bakfupai
Member
 
Registered: Apr 2006
Location: Sweden
Distribution: CentOS, RHEL, SourceMage, OpenBSD
Posts: 40

Rep: Reputation: 15
Perhaps this will help you:
http://www.nsa.gov/selinux/papers/nfsv3.pdf
http://www.redhatlinux.com/docs/manu...tion-0068.html
 
Old 08-17-2007, 07:38 PM   #3
c-had
LQ Newbie
 
Registered: Aug 2007
Posts: 2

Rep: Reputation: 0
Adding SELinux policy for simple things changed a lot (got a lot easier) between RHEL4 and RHEL5, so the RHEL4 guide might not be very helpful. Try this:

http://www.redhat.com/docs/manuals/e...cy-module.html

If you're still having trouble after looking at that, post your actual AVC denials (probably in /var/log/audit/audit.log) and I'll walk you through it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: With RHEL 5, Red Hat goes to bat for SELinux LXer Syndicated Linux News 0 06-07-2007 09:16 AM
NFS rhel - tcp/udp ebcdic Linux - Software 1 04-09-2007 09:45 AM
Problem getting NFS mount to work between 2 RHEL servers beammeup Linux - Networking 7 02-21-2007 09:34 AM
RHEL Installed over NFS logosys Red Hat 1 09-03-2005 11:57 AM
RHEL installation via NFS logosys Linux - Newbie 1 09-03-2005 12:26 AM


All times are GMT -5. The time now is 04:07 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration