Find the answer to your Linux question:
Results 1 to 3 of 3
My Fedora box is giving me an SELinux security error: Code: Summary: SELinux is preventing the samba daemon from reading users' home directories. Detailed Description: SELinux has denied the samba ...
  1. 09-01-2010 #1
    micah1104
    micah1104 is offline
    Just Joined! micah1104's Avatar
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    64

    Question SELinux and Samba

    My Fedora box is giving me an SELinux security error:


    Code:
    Summary:

SELinux is preventing the samba daemon from reading users' home directories.

Detailed Description:

SELinux has denied the samba daemon access to users' home directories. Someone
is attempting to access your home directories via your samba daemon. If you only
setup samba to share non-home directories, this probably signals an intrusion
attempt. For more information on SELinux integration with samba, look at the
samba_selinux man page. (man samba_selinux)

Allowing Access:

If you want samba to share home directories you need to turn on the
samba_enable_home_dirs boolean: "setsebool -P samba_enable_home_dirs=1"

Fix Command:

setsebool -P samba_enable_home_dirs=1

Additional Information:

Source Context                system_u:system_r:smbd_t:s0
Target Context                unconfined_u:object_r:user_home_dir_t:s0
Target Objects                /home/micah [ dir ]
Source                        smbd
Source Path                   /usr/sbin/smbd
Port                          <Unknown>
Host                          micah.fedora
Source RPM Packages           samba-3.5.4-63.fc13
Target RPM Packages           
Policy RPM                    selinux-policy-3.7.19-49.fc13
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Plugin Name                   samba_enable_home_dirs
Host Name                     micah.fedora
Platform                      Linux micah.fedora 2.6.33.8-149.fc13.i686 #1 SMP
                              Tue Aug 17 22:45:56 UTC 2010 i686 i686
Alert Count                   72
First Seen                    Sun 29 Aug 2010 12:23:24 PM CDT
Last Seen                     Sun 29 Aug 2010 01:22:07 PM CDT
Local ID                      a9472314-9d70-4e5e-abfd-5507b94245d6
Line Numbers                  

Raw Audit Messages            

node=micah.fedora type=AVC msg=audit(1283106127.127:286): avc:  denied  { read } for  pid=24140 comm="smbd" name="micah" dev=dm-0 ino=131084 scontext=system_u:system_r:smbd_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir

node=micah.fedora type=SYSCALL msg=audit(1283106127.127:286): arch=40000003 syscall=5 success=no exit=-13 a0=14eb120 a1=8000 a2=0 a3=0 items=0 ppid=23310 pid=24140 auid=4294967295 uid=0 gid=0 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=4294967295 comm="smbd" exe="/usr/sbin/smbd" subj=system_u:system_r:smbd_t:s0 key=(null)

    I think this is preventing me to access it over the network, how would I let it through?
    Reply With Quote Reply With Quote
  2. 09-02-2010 #2
    JosePF
    JosePF is offline
    Linux Newbie JosePF's Avatar
    Join Date
    Jun 2010
    Posts
    225
    hi,
    sorry but i dont understand. My english is very poor.
    Do you want be able to access your home folders or no?

    Regards and
    sorry for the inconvenience
    Reply With Quote Reply With Quote
  3. 09-02-2010 #3
    crazpiyush
    crazpiyush is offline
    Just Joined!
    Join Date
    Jun 2010
    Posts
    25

    Thumbs up

    When ever you are sharing users home directory through samba or ftp selinux will restrict it , to enable this you have to run these commnds..

    Code:
    Fix Command:
chcon -R -t samba_share_t /home/micah 
setsebool -P samba_enable_home_dirs=1
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

...