Bug 795474
| Summary: | Request for rsync network filesystem (nfs/cifs) booleans | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | jcpunk | ||||
| Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Milos Malik <mmalik> | ||||
| Severity: | low | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 6.2 | CC: | csieh, dwalsh, mmalik | ||||
| Target Milestone: | rc | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | selinux-policy-3.7.19-138.el6 | Doc Type: | Bug Fix | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | |||||||
| : | 1000029 (view as bug list) | Environment: | |||||
| Last Closed: | 2012-06-20 12:31:34 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
This is fine with me, I just added this access to Rawhide. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0780.html |
Created attachment 564471 [details] patch to add the behavior described Description of problem: Currently rsync can either read rsync_t files or, with rsync_export_all_ro set, read just about anything. It would be nice to have the ability to easily enable reading of network mounts without opening up everything. Currently apache, ftp, cobbler, git, and qemu have similar booleans. Version-Release number of selected component (if applicable): selinux-policy-3.7.19-126.el6_2.6 How reproducible: always Steps to Reproduce: 1. wish to share nfs or cifs volumes with rsync 2. notice the nice booleans for these other services 3. write up custom policy to replicate the behavior Actual results: either enable exporting everything or write custom policy Expected results: a boolean similar to apache, ftp, cobbler, git, and qemu Additional info: The attached patch, while somewhat ugly, I believe adds this feature.