[CentOS] NFS Selinux issues

Tue Mar 6 21:11:10 UTC 2012
Bradley Leonard <bradley at stygianresearch.com>

I'm having a strange problem with selinux and the mounting of a nfs
directory.
I'm specifying the security context as part of the mount command, yet the
security context still shows nfs.

The mount shows what the security context should be:

[root at clienthost ~]# mount
serverhost:/usr/local on /usr/local type nfs4
(rw,context="system_u:object_r:usr_t:s0",hard,intr,addr=serverhost,clientaddr=clienthost)

yet the directory permissions show the security context of nfs:

[root at clienthost ~]# ls -dZ /usr/local
drwxr-xr-x. root root system_u:object_r:nfs_t:s0       /usr/local

My /etc/fstab entry is:

serverhost:/usr/local /usr/local      nfs   
context=system_u:object_r:usr_t:s0,rw,hard,intr 0 0

This is causing some issues with some of my scripts.

Both the client and server are 6.2 servers.  The client is a virtual image
running on the server.

The only clue that i have is system logger shows:

Mar  6 13:44:39 clienthost kernel: SELinux: initialized (dev 0:14, type
nfs4), uses genfs_contexts
Mar  6 13:44:39 clienthost kernel: SELinux: initialized (dev 0:15, type
nfs4), uses genfs_contexts

I can't find any errors anywhere else on either my client or server. 
There is nothing in the audit logs on either host.

Does anybody have any ideas?

Brad
--
Bradley Leonard
EMail:  bradley at stygianresearch.com

Rob   - "The hills are alive with the..the..sound of monkeys?"
Bucky - "It's in the key of delicious."

Life is simple. Humans make it complicated.


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.