Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
selinux is preventing samba (/usr/sbin/smbd) "rename" win2003.log (samba_log_t)
Below that message is a line with the original access vector cache (AVC) warning from /var/log/audit/audit.log (or /var/log/messages if you don't run Auditd). If you echo that line and pipe it through 'audit2allow' you should get a rule something like "allow smbd_t samba_log_t:file rename;". This rule you can add to your local policy module. If that does not work then you can disable SELinux protection for Samba by setting 'setsebool -P smbd_disable_trans 1' and restart Samba. Again, this disables SELinux protection for Samba, and given the fact Samba doesn't have a spotless past with respect to vulnerabilities you should at the same time beef up your auditing and security and submit a ticket to Red Hats bug tracker.