McGuffey, David C. wrote:
I don't want to remove or back away from selinux in enforcing mode. I have customers who want to build applications on top of selinux, so the task at hand is to get smart and make things work with selinux.
I can't find any selinux boolean or setting to allow samba access to the required contexts. What I'd do is change your policy to permissive and use samba to access the files as you require. Then use "audit2allow" to create SELinux rules that will allow normal samba operation. Install those, and then go back to enforcing mode.