"Chuck" == Chuck Anderson via WLUG <wlug@lists.wlug.org> writes:
Chuck> If you don't have audit2why, first install it: Chuck> # yum install policycoreutils-python Chuck> Then you can run this command and it should tell you why it was Chuck> denied and propose way to fix it: Chuck> # cat /var/log/audit/audit.log* | audit2why Chuck> You can check these SELinux booleans and turn on the one(s) you Chuck> need, perhaps samba_enable_home_dirs or samba_export_all_ro/rw. This is damn genius! I wish there was a version for PAM as well, which is another damn black magic toolkit written by people way too smart for their own good. Keep it simple folks... Chuck> # getsebool -a|grep -i smb Chuck> smbd_anon_write --> off Chuck> # getsebool -a | grep -i samba Chuck> samba_create_home_dirs --> off Chuck> samba_domain_controller --> off Chuck> samba_enable_home_dirs --> off Chuck> samba_export_all_ro --> off Chuck> samba_export_all_rw --> off Chuck> samba_load_libgfapi --> off Chuck> samba_portmapper --> off Chuck> samba_run_unconfined --> off Chuck> samba_share_fusefs --> off Chuck> samba_share_nfs --> off Chuck> sanlock_use_samba --> off Chuck> tmpreaper_use_samba --> off Chuck> use_samba_home_dirs --> off Chuck> virt_use_samba --> off Chuck> e.g. Chuck> # setsebool -P samba_enable_home_dirs=on Chuck> On Sat, Dec 19, 2020 at 10:19:24PM -0500, Mher Mnatsakanyan via WLUG wrote:
Hi everyone.
I hope everything is well with all of you and yours.
I have a question and need help please.
I installed a Samba server on CentOS8 which works well.
When I try to mount the share from that Samba server on the client side I get a permission denied error. When I set SELinux from Enforcing to Permissive mode it seems to be mounting and the permission denied error goes away. Any suggestions how I can do the same with SELinux enforcing mode?
Thank you very much in advance.
Respectfully, Mher Mnatsakanyan Chuck> _______________________________________________ Chuck> WLUG mailing list -- wlug@lists.wlug.org Chuck> To unsubscribe send an email to wlug-leave@lists.wlug.org Chuck> Create Account: https://wlug.mailman3.com/accounts/signup/ Chuck> Change Settings: https://wlug.mailman3.com/postorius/lists/wlug.lists.wlug.org/ Chuck> Web Forum/Archive: https://wlug.mailman3.com/hyperkitty/list/wlug@lists.wlug.org/message/7I7X4V...