max <maximilianbianco <at> gmail.com> writes:
> File Context problems.
> If you want to move files to directories that the current policy does
> not know about you should use the semanage command to tell the system
> what to label these files.
>
> # semanage fcontext -a -t httpd_sys_script_exec_t '/myweb/cgi(/.*)?'
> # restorecon -R -v /myweb/cgi
>
> Semanage is a good tool for this, since it sets up the machine to
> permanently label these directories with this context. If the machine
Having just been pretty pleased with myself for getting my system running
I now find a problem....
First I have my home directory bind mounted from /home to /opt/Local/home
with no problems, and I bind mount using an fstab entry like
/opt/Local/home /home ext3 bind 0 0
The context for /home is system_u:object_r:home_root_t:s0
and for /opt/Local/home it is the same.
The mount works fine during boot - so I tried the same with my mail.
I have an fstab entry
/opt/Local/spool/mail /var/spool/mail ext3 0 0
The context for /var/spool/mail is system_u:object_r:mail_spool_t:s0
and for /opt/Local/spool/mail it is also the same.
I can manually do
mount /var/spool/mail and the bind mount works fine.
However on boot I get an avc denial, with kernel: type=1400 and
and avc: denied {mounton} .... comm="mount" path="/var/spool/mail"
dev=sda5 ino=419655 scontext=system_u:system_r:mount_t:so
tcontext=system_u:object_r:mail_spool_t:so class=dir
I am not sure what to change to make this work?
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
