On Sun, 2008-07-13 at 11:49 -0400, Filipe Brandenburger wrote:
Hi,
Please try to be more specific about what you are trying to do, how you are trying to do it, what you expected, what is going wrong, and what you tried to do to repair it. Your previous mail looks like the output of a tool, I don't even know which. Knowing that would help solve your issue.
tool: setroubleshoot.noarch :: gui helps solve selinux problesm either Redhat\Fedora epel or rpmforge d\l
From what I see, you are trying to mount an .iso file in a target
directory inside Samba's tree, and SELinux is denying that (with the AVC you showed on your original message).
The 4 isos are shared to Fedora clients using samba, everyfile under the shared main mountpoint has SElinux samba shared context.
SELinux complains because the target directory is not marked with the "mnt_t" type and, for security, it restricts mounting filesystems only to directories with that type.
That is probably what I'm looking for
To change that, you could use "chcon" to set the type to the directory where you want to mount your iso.
# chcon -t mnt_t /path/to/mountpoint # mount -o loop,ro /path/to/iso/Fedora.iso /path/to/mountpoint
You can use ls -Z (or if it's a directory ls -dZ) to verify the SELinux user:role:type of the file.
Please let us know how that works for you.
Will give a good check in the am.
HTH, Filipe
Frank