The Samba-Bugzilla – Attachment 3338 Details for
Bug 5524
smbd access homes, but homes disabled in config file
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Output of sealert
sealert_output.txt (text/plain), 2.40 KB, created by
venca
on 2008-06-06 15:06:17 UTC
(
hide
)
Description:
Output of sealert
Filename:
MIME Type:
Creator:
venca
Created:
2008-06-06 15:06:17 UTC
Size:
2.40 KB
patch
obsolete
>Summary: > >SELinux is preventing the samba daemon from reading users' home directories. > >Detailed Description: > >SELinux has denied the samba daemon access to users' home directories. Someone >is attempting to access your home directories via your samba daemon. If you only >setup samba to share non-home directories, this probably signals a intrusion >attempt. For more information on SELinux integration with samba, look at the >samba_selinux man page. (man samba_selinux) > >Allowing Access: > >If you want samba to share home directories you need to turn on the >samba_enable_home_dirs boolean: "setsebool -P samba_enable_home_dirs=1" > >Fix Command: > >setsebool -P samba_enable_home_dirs=1 > >Additional Information: > >Source Context unconfined_u:system_r:smbd_t:s0 >Target Context system_u:object_r:home_root_t:s0 >Target Objects /home [ dir ] >Source smbd >Source Path /usr/sbin/smbd >Port <Unknown> >Host my_hostname >Source RPM Packages samba-3.2.0-1.rc1.14.fc9 >Target RPM Packages filesystem-2.4.13-1.fc9 >Policy RPM selinux-policy-3.3.1-55.fc9 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name samba_enable_home_dirs >Host Name my_hostname >Platform Linux my_hostname 2.6.25.4-30.fc9.i686 #1 SMP Wed May 21 > 18:12:35 EDT 2008 i686 athlon >Alert Count 7621 >First Seen Thu Jun 5 18:32:21 2008 >Last Seen Fri Jun 6 21:00:00 2008 >Local ID 914f986c-f627-4444-8d60-305ad1e553f2 >Line Numbers > >Raw Audit Messages > >host=my_hostname type=AVC msg=audit(1212778800.465:105): avc: denied { getattr } for pid=8793 comm="smbd" path="/home" dev=md3 ino=2 scontext=unconfined_u:system_r:smbd_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir > >host=my_hostname type=SYSCALL msg=audit(1212778800.465:105): arch=40000003 syscall=195 success=no exit=-13 a0=bf9fecd5 a1=bf9ff0cc a2=514ff4 a3=bf9fecdb items=0 ppid=8789 pid=8793 auid=500 uid=500 gid=0 euid=500 suid=0 fsuid=500 egid=500 sgid=0 fsgid=500 tty=(none) ses=1 comm="smbd" exe="/usr/sbin/smbd" subj=unconfined_u:system_r:smbd_t:s0 key=(null) >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 5524
:
3337
| 3338