smbcontrol fails in SELinux Enforcing mode Version information: # cat /etc/fedora-release Fedora release 35 (Thirty Five) # rpm -q samba-common-tools selinux-policy samba-common-tools-4.15.2-3.fc35.x86_64 selinux-policy-35.5-1.fc35.noarch Steps to reproduce: setenforce 1 dnf install samba-common-tools smbcontrol all debug 100 Expected result: no error Actual result: "ERROR: Could not determine network interfaces, you must use a interfaces config line" Additional information: # ausearch -m avc time->Tue Nov 23 05:16:25 2021 type=AVC msg=audit(1637662585.880:491): avc: denied { create } for pid=1665 comm="smbcontrol" scontext=unconfined_u:unconfined_r:smbcontrol_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:smbcontrol_t:s0-s0:c0.c1023 tclass=netlink_route_socket permissive=0 It works with setenforce 0 and on previous samba versions
Denis, this bug needs to be opened against selinux-policy project, not Samba. Samba does not own nor handle SELinux policy on its own. Instead, it relies on the selinux-policy project to provide common policy.
Ok, there is no bug for Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=2025931, we can close this one.