[Fwd: Re: Can't export samba share] max Mon Jul 21 09:01:29 2008
That reply/reply all is a blessing and a curse :^) -------- Original Message -------- Subject: Re: Can't export samba share Date: Mon, 21 Jul 2008 11:26:12 -0400 From: max <[EMAIL PROTECTED]> To: Steve Blackwell <[EMAIL PROTECTED]> References: <[EMAIL PROTECTED]> Steve Blackwell wrote:
I have a dual boot F8/XP machine and I want to export, via samba, the NTFS partition so that I can use it to back up my wife's Vista machine. It seems that selinux is preventing this from happening. Here is the summary message from setroubleshoot: SELinux is preventing the samba daemon from serving r/o local files toremote clients.and the Allowing Access section says: If you want to export file systems using samba you need to turn on the samba_export_all_ro boolean: "setsebool -P samba_export_all_ro=1". The following command will allow this access:setsebool -P samba_export_all_ro=1 There seems to be 2 problems here; 1) The filesystem that I'm trying to export is read-write not read-only and 2) I have already set samba_export_all_ro=1. In fact I also set samba_export_all_rw=1 and I even set samba_run_unconfined=1 and I still get the same messages.
I would try setting samba_export_all_ro=0, leave samba_export_all_rw=1 Those two settings will conflict and denials should always win out over allows.
Here is the filesystem I'm trying to export: # cat /etc/fstab | grep ntfs /dev/sdb1 /mnt/c_drive ntfs-3g rw,defaults,umask=0000 0 0 # ls -lZ /mnt drwxrwxrwx root root system_u:object_r:fusefs_t:s0 c_drive Here is the /etc/samba/smb.conf stanza: [Kellie] comment = Winblows backup path = /mnt/c_drive writable = yes browseable = yes valid users = Kellie User Kellie can see the Kellie share from her Vista computer but whenever she tries to use it, I get an AVC. # rpm -qa | grep selinux libselinux-python-2.0.43-1.fc8 selinux-policy-devel-3.0.8-109.fc8 libselinux-devel-2.0.43-1.fc8 selinux-policy-3.0.8-109.fc8 libselinux-2.0.43-1.fc8 selinux-policy-targeted-3.0.8-109.fc8 # uname -sr Linux 22.214.171.124-47.fc8 I suppose I could go back to permissive mode but I'd like to get this to work. Any suggestion? Thanks, Steve -- fedora-selinux-list mailing list [EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/fedora-selinux-list
-- fedora-selinux-list mailing list [EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/fedora-selinux-list