Bug 1000026

Summary: [RFE] tftp booleans for NFS/CIFS access
Product: [Fedora] Fedora Reporter: jcpunk
Component: selinux-policyAssignee: Miroslav Grepl <mgrepl>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: unspecified    
Version: 19CC: dominick.grift, dwalsh, mgrepl, mmalik
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 955774 Environment:
Last Closed: 2013-08-27 10:53:33 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description jcpunk 2013-08-22 14:05:40 UTC 
+++ This bug was initially created as a clone of Bug #955774 +++

Description of problem: I would very much like to provide some nfs content over tftp.  There is no way to enable that functionality with the current policy.  I've attached a patch which provides booleans for toggling that ability.  While I was in there I created some for CIFS as well.


Version-Release number of selected component (if applicable):3.12.1-71.fc19


How reproducible: 100%


Steps to Reproduce:
1. mount nfs share under tftp root
2. attempt to read the file
3. locate avc denied error
  
Actual results: permission denied


Expected results: the ability to easily configure selinux to read NFS files when I want it to.


Additional info:

--- Additional comment from Miroslav Grepl on 2013-08-06 03:40:34 EDT ---

Thank you for your patch. Added.
Comment 1 Miroslav Grepl 2013-08-27 10:53:33 UTC 
In Fedora/RHEL7,

use_samba_home_dirs
use_nfs_home_dirs

should be enough to make it working.
Comment 2 Miroslav Grepl 2013-08-27 10:54:25 UTC 
*** Bug 1000029 has been marked as a duplicate of this bug. ***