On Tue, 2006-04-11 at 22:48 -0400, Tim Largy wrote: > On 4/11/06, Paul Howarth <paul@xxxxxxxxxxxx> wrote: > > I'd like to know where /somewhere/else actually is before answering that. > > /somewhere/else happens to be called /scratch/share on my system. > Nothing special about it. That should be OK then, with the suggestion I gave in the previous message (described below). You might need to do this though: # chcon -t mnt_t /scratch > > If you've set up some area specifically for sharing data, like for > > instance /srv/public (using directories under /srv is a good place for > > this sort of thing), you can do: > > > > # chcon -Rt public_content_rw_t /srv/public > > > > The "public content" type is readable by a variety of different servers > > such as samba, httpd, ftpd, rsync etc. You can select which one(s) of > > them is/are allowed to write to the area using a separate boolean for > > each. So for samba, you'd use: > > > > # setsebool -P allow_smb_anon_write 1 > > Thanks, that does make sense to me, but it didn't work. Hmmm. What denial(s) is/are you getting now in /var/log/messages when you try to access this area using samba? > And for those viewers watching at home, there is a spelling error in > one of the selinux-related man pages and the boolean mentioned above > is actually spelled allow_smbd_anon_write. Good spot. I posted a note about this on fedora-selinux-list so it should get fixed before long. Paul.
