[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [FC5] Samba and SELinux

From: Dan Thurman <dant cdkkt com>
To: Stephen Smalley <sds tycho nsa gov>
Cc: fedora-selinux-list redhat com
Subject: Re: [FC5] Samba and SELinux
Date: Tue, 11 Apr 2006 09:06:21 -0700

On Tue, 2006-04-11 at 08:05 -0400, Stephen Smalley wrote:
> On Mon, 2006-04-10 at 10:01 -0700, Dan Thurman wrote:
> > I su as root initially and in my /root directory
> > and created the "foo" there.  You did not state
> > where to create "foo" so if I did this in the
> > wrong place, please let me know.
> 
> Re-added the list to the cc line above.
> 
> It doesn't matter where you create it - it is just a temporary working
> directory.
> 
> >   I downloaded the
> > checkmodule and installed it earlier so it appears
> > that this time everything works, except that in the
> > tmp file created, I did not get the same files as
> > you may have.  Here is the log of actions:
> > 
> > [dant copper ~]$ su -
> > Password:
> > [root copper ~]# mkdir foo
> > [root copper ~]# cd foo
> > [root copper foo]# vi local.te
> > [root copper foo]# touch local.if local.fc
> > [root copper foo]# make -f /usr/share/selinux/devel/Makefile
> > Compliling targeted local module
> > /usr/bin/checkmodule:  loading policy configuration from tmp/local.tmp
> > /usr/bin/checkmodule:  policy configuration loaded
> > /usr/bin/checkmodule:  writing binary representation (version 5) to
> > tmp/local.mod
> > Creating targeted local.pp policy package
> > rm tmp/local.mod.fc tmp/local.mod
> > [root copper foo]# ls
> > local.fc  local.if  local.pp  local.te  tmp
> > [root copper foo]# ls tmp
> > all_interfaces.conf  local.mod.role  local.tmp
> > [root copper foo]#
> 
> Looks correct to me, and matches what was in my original message.  So
> now you finish the sequence of instructions I provided originally, i.e.
> # semodule -i local.pp
> 
> Then retry accessing /var/www content from samba, and if it still
> doesn't work, check your /var/log/messages file for avc:  denied
> messages.
> 

Ok, I thought the file local.pp was to exist somewhere which I did not
find anywhere.  That was my confusion.

OK I issued:  semodule -i local.pp
and it completed.

I went to a windows system and I am now able to view /var/www contents.
I am also able to create and delete files and directories.  All is now
working well!.

If there is anything else, please let me know.

Kind regards,
Dan

References:
- [FC5] Samba and SELinux
  - From: Dan Thurman
- Re: [FC5] Samba and SELinux
  - From: Bob Kashani
- Re: [FC5] Samba and SELinux
  - From: Dan Thurman
- Re: [FC5] Samba and SELinux
  - From: Paul Howarth
- Re: [FC5] Samba and SELinux
  - From: Dan Thurman
- Re: [FC5] Samba and SELinux
  - From: Stephen Smalley
- Re: [FC5] Samba and SELinux
  - From: Stephen Smalley

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]