Bug 430158

Summary: SElinux policy breaks NFS + NIS configuration
Product: [Fedora] Fedora Reporter: Joshua Pedrick <joshuasemailaddress>
Component: selinux-policyAssignee: Daniel Walsh <dwalsh>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 8   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-02-26 22:45:12 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Joshua Pedrick 2008-01-24 21:19:02 UTC 
Description of problem:
I am using NFS to mount users home directories and NIS to authenticate users.
When logging in, many services related to NFS and NIS are blocked by SElinux. As
a result users are unable to login normally.

Version-Release number of selected component (if applicable):
Fedora 8, SE linux default policies.


How reproducible:
Users home directories should be on NFS mount, users should be authenticated by NFS.

Steps to Reproduce:
1. login as NIS authenticated user with NFS home directory.
2.
3.
  
Actual results:
Login reports home directory not available, but upon login user can view home
directory.

Expected results:
Normal login


Additional info:
This problem can be resolved by setting SElinux to permissive mode.
Comment 1 Daniel Walsh 2008-01-24 23:05:39 UTC 
Do you have the booleans use_nfs_home_dirs and allow_ypbind turned on?

getsebool use_nfs_home_dirs allow_ypbind
Turn them on.
setsebool -P use_nfs_home_dirs=1 allow_ypbind=1

If they were set or this does not fix the problem.  Please attach the audit.log.