[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Problem with samba mounts via fstab and credentials option

From: Dan Thurman <dant cdkkt com>
To: fedora-selinux-list redhat com
Subject: Problem with samba mounts via fstab and credentials option
Date: Thu, 10 Jan 2008 17:06:51 -0800

When one adds a samba share via /etc/fstab and using as an entry:

credentials=/etc/share/auth.smb in the options field

This file contains sensitive username/password data, has a samba_etc_t type 
but on reboot, SELinux does not allow the mount.cifs program to read fstab 
entries containing the credentials mount options and produces an error 13 
message during the loading of the services. The result is that the mount has 
failed and must be remounted manually as a root user after the system comes 
up.

The logs show:

type=AVC msg=audit(1200012700.796:14): avc:  denied  { read } for 
pid=2528 comm="mount.cifs" name="auth.smb" dev=sda5 ino=788340
scontext=system_u:system_r:mount_t:s0 
tcontext=system_u:object_r:samba_etc_t:s0 tclass=file

Should I simply attempt to chcon -t mount_t /etc/samba.auth.smb or should this 
be handled differently?

Thanks-
Dan

Follow-Ups:
- Re: Problem with samba mounts via fstab and credentials option
  - From: Dan Thurman

References:
- Re: [F8] ALSA problems. [SOLVED]
  - From: Mr.Scrooge

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]