Hello, I still have one last question on SELINUX context. As /data/satellite, which is my mount point, is a NFS exported filesystem, what do I have to do? - Only set spacewalk_nfs_mountpoint selinux boolean - Set the boolean and mount the filesystem with the "context" option *mount -t nfs -o context=**system_u:object_r:spacewalk_data_t** server:/shared/foo /mnt/foo* - Run restorecon on /data/satellite?
I'm a bit lost on selinux and NFS... Pierre 2013-09-11 16:51 GMT+02:00 Pierre Casenove <[email protected]>: > Thanks a lot for your hel^p > > Pierre > > > 2013/9/11 Maria Iano <[email protected]> > >> On Wed, Sep 11, 2013 at 03:44:08PM +0200, Pierre Casenove wrote: >> > Hello, >> > My spacewalk server is currently running on RHEL 5 x64. I'm currently >> > considering the migration under RHEL 6 x64. >> > The big modification between rhel 5 and rhel 6 in our setup is that we >> > activate SELINUX in enforcing mode in rhel 6. >> > I know that spacewlak is running well with SELINUX in enforcing mode >> but we >> > modify 2 parameters from the standard installation: >> > - mount_point is set to /data/satellite instead of default >> /var/satellite. >> > What selinux context should I apply on this folder (and subfolders)? >> > - /data/satellite is in fact a NFS mount. Are there SELINUX booleans to >> > activate to have spacewalk work using a NFS mount? >> > >> >> Take a look at the files in /etc/selinux/targeted/contexts/files to see >> what the contexts are for the standard location, or use matchpathcon. >> That will tell you what to use in your non-standard location. >> >> If you use the -C flag with sesearch it will tell you what boolean is >> involved. >> >> Finally, make sure you have the setroubleshoot package installed to get >> alerts with helpful information when selinux blocks something. >> >> Maria >> >> _______________________________________________ >> Spacewalk-list mailing list >> [email protected] >> https://www.redhat.com/mailman/listinfo/spacewalk-list >> > >
_______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
