[CentOS] Centos and Selinux issue

Mon Mar 31 14:18:57 UTC 2014
Alessandro Baggi <alessandro.baggi at gmail.com>

Hi list,
I'm new to CentOS and I have very little knowledge of SELinux use.

I can disable it, but I prefer to keep it on for study.

I've a second mirrored device that I use for file sharing.
This is the scenario:

/dev/md2 mounted on /mnt/data

To make samba work I must set the file context of the path /mnt/data to 
samba_share_t. After this samba works.

Now I'm setting up postgresql on the same machine, and because of the 
size of the first disk I must use /dev/md2.

After configuring the postgresql script to init the db, and setting up the 
alternative data path pointing to /mnt/data/pgsql/data, initdb or starting 
postgresql fails. This issue is SELinux related.

Now the directory /mnt/data/pgsql/data has its fcontext set to 
samba_share_t, and the postgresql init script gives permission denied on 
/mnt/data/pgsql/data/postgresql.conf.

At this point I tried to set /mnt/data to postgresql_db_t with chcon, 
reran initdb and /etc/init.d/postgresql start, and all works fine, except 
for samba. I can't access the share anymore (because of the context change).

I've tried to set:

/mnt/data to samba_share_t
/mnt/data/pgsql to postgresql_db_t

but with this config it is pgsql that does not work.

At this point, is it possible to set multiple contexts on /mnt/data to make 
samba and postgresql work on the same path, or must I use 
"public....."?

Is it a better choice to mount /dev/md2 on /mnt/data, make two dirs, one for 
pgsql and another for sambashare, set the respective contexts and start the services?


Thanks in advance.

Alessandro.