SELinux: Retag errors / unconfined_u multiple avc denial
ok details first:
Key services ::
NFS ( For Mac's in the house)
SAMBA ( for win / trying to export NFS to home network as well)
SELinux : Default policy as shipped with FC11
IPTables: Nothing but the basic FC11 generated file using ' firewall [/ INDENT]via the kde gui.
Ok, so here is my problem: I was having issues exporting Samba and NFS shares AFTER allowing both service via the iptables ( checked the actual file for ACCEPT entries)and running >
I was able get everything up and running eventually; however, I am still getting alot avc denials ( miss tagged files ) after retagging at reboot.
users are being put into unconfined_u by default ( which from what i have reading kinda mitigates the any advantages of running SELinux). I could use some pointers or a point in the right direction on which way to go with user levels in SELinux as well as addressing the TONZ of avc denials after retag.
Thanks for any help. I couls post some examples of the aduit if it would help. I am just getting used to setting up iptables and account permissions and WHAM...SELinux.
This maybe totally silly but you have:
chcon -t smaba_share_t
Is that a typo here, or did you use this on your machine?
Also, i noticed your syntax was chcon -R -t vs. chcon -t ( why?)
|All times are GMT -5. The time now is 10:58 PM.|