Look at your AVC error (below) -- to paraphrase, avc denied search
for smbd for the name "/". That is running into a problem accessing
(traversing) the root directory. Hence the need to allow "search"
on default_t.
At 09:30 PM 2/25/2006, Louis E Garcia II wrote:
I spoke to soon. I am able to get samba working with this but not sure
if it's correct.
allow smbd_t default_t:dir search;
Would it be better: allow smbd_t samba_share_t:dir search;
and relabel:
drwxrwsrwx root root system_u:object_r:samba_share_t public
This seems more secure to me but doesn't work. I still get:
type=AVC msg=audit(1140923608.645:86): avc: denied { search } for
pid=3338 comm="smbd" name="/" dev=hda5 ino=2
scontext=root:system_r:smbd_t tcontext=system_u:object_r:default_t
tclass=dir
...
why does smbd_t still see system_u:object_t:default_t
Don Meyer <[EMAIL PROTECTED]>
Network Manager, ACES Academic Computing Facility
Technical System Manager, ACES TeleNet System
UIUC College of ACES, Information Technology and Communication Services
"They that can give up essential liberty to obtain a little
temporary safety,
deserve neither liberty or safety." -- Benjamin Franklin, 1759
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
