[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

mount and context translations



I found that fstab entries like these:

/srv/softlib/fedora/stentz/FC4-i386-DVD.iso /srv/softlib/fedora/stentz/dvd iso9660 ro,loop,fscontext=system_u:object_r:public_content_t 0 0

weren't working at boot time but would work if I did "mount
-a" (unconfined).

The fix:

policy_module(localmisc, 0.0.2)

require {
        type mount_t;
        type security_t;
}

# Allow mount to do context translations
allow mount_t security_t:dir search;
allow mount_t security_t:file read;

Paul.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]