Red Hat Bugzilla – Bug 1265699
autofs only creates files with default_t SElinux context
Last modified: 2015-09-24 19:37:32 EDT
Description of problem: I was testing slightly complex scenario involving connecting by ssh to a machine that has home directories of users on NFS fs accessed through autofs. The problem was that sshd could not read users' authorized_keys file because of their default_t context Version-Release number of selected component (if applicable): autofs-5.0.7-53.el7 How reproducible: always Steps to Reproduce: 1. create nfs share 2. configure it to be mounted by autofs 3. check SElinux contexts of mounted files Actual results: drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 /home/nfs Expected results: drwxr-xr-x. root root system_u:object_r:nfs_t:s0 /home/nfs/ Additional info: * /etc/auto.master contains: /home /etc/auto.nfs * cat /etc/auto.nfs nfs -fstype=nfs4,rw,async,soft,intr,fscontext=system_u:object_r:nfs_t:s0 127.0.0.1:/nfs-homes (I tried context, fscontext and defcontext)
Once mounted autofs is not involved in mounted file system operations. Are you sure that this doesn't happen if the nfs file system is manually mounted? Can you provide a full debug log so we can check that the context option is being correctly passed to the mount of the nfs file system?