NFS sharing is blocked

[Aurelien Bompard <gauret free fr>]

Hi all,

Since the last policy upgrade, I can't share my NFS dir. Since this
directory is also available through apache, I had to set its type to
httpd_sys_content_t.

I'm getting this type of message :
type=AVC msg=audit(1146845517.056:16545): avc:  denied  { getattr } for 
pid=8729 comm="rpc.mountd" name="musique" dev=md0 ino=17039419
scontext=user_u:system_r:nfsd_t:s0
tcontext=user_u:object_r:httpd_sys_content_t:s0 tclass=dir

Which type should it be labeled to to be seen from NFS and from Apache (and
from FTP by the way) ?

Which leads me to another question: is there a tool to view which
file_contexts a program is allowed to access ? If there isn't, do you think
it wouldn't be hard to write one (can the python bindings do that) ?

Thanks

Aurélien
-- 
http://aurelien.bompard.org  ~~~~  Jabber : abompard jabber fr
"Millions long for immortality who do not know what to do with themselves
on a rainy Sunday afternoon." -- Susan Ertz