Bug 244272 - SELinux is preventing samba (/usr/sbin/smbd) "append" to /var/log/samba/log.smbd (samba_log_t).
SELinux is preventing samba (/usr/sbin/smbd) "append" to /var/log/samba/log.s...
Status: CLOSED DUPLICATE of bug 244273
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
7
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-06-14 15:38 EDT by Jonathan Underwood
Modified: 2007-11-30 17:12 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-14 16:22:58 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jonathan Underwood 2007-06-14 15:38:01 EDT
Summary
    SELinux is preventing samba (/usr/sbin/smbd) "append" to
    /var/log/samba/log.smbd (samba_log_t).

Detailed Description
    SELinux denied samba access to /var/log/samba/log.smbd. If you want to share
    this directory with samba it has to have a file context label of
    samba_share_t. If you did not intend to use /var/log/samba/log.smbd as a
    samba repository it could indicate either a bug or it could signal a
    intrusion attempt.

Allowing Access
    You can alter the file context by executing chcon -R -t samba_share_t
    /var/log/samba/log.smbd

    The following command will allow this access:
    chcon -R -t samba_share_t /var/log/samba/log.smbd

Additional Information        

Source Context                user_u:system_r:smbd_t
Target Context                user_u:object_r:samba_log_t
Target Objects                /var/log/samba/log.smbd [ file ]
Affected RPM Packages         samba-3.0.25a-3.fc7 [application]
Policy RPM                    selinux-policy-2.6.4-12.fc7
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.samba_share
Host Name                     xxxxxxxxxxxxxxxxxxxxxxxxxx
Platform                      Linux xxxxxxxxxxxxxxxxxx
                              2.6.21-1.3194.fc7 #1 SMP Wed May 23 22:47:07 EDT
                              2007 x86_64 x86_64
Alert Count                   31
First Seen                    Thu 14 Jun 2007 08:22:44 PM BST
Last Seen                     Thu 14 Jun 2007 08:22:44 PM BST
Local ID                      03030d20-a8df-4546-ac0a-57e41d8a204e
Line Numbers                  

Raw Audit Messages            

avc: denied { append } for comm="smbd" dev=sda2 egid=0 euid=0
exe="/usr/sbin/smbd" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name="log.smbd"
path="/var/log/samba/log.smbd" pid=17215 scontext=user_u:system_r:smbd_t:s0
sgid=0 subj=user_u:system_r:smbd_t:s0 suid=0 tclass=file
tcontext=user_u:object_r:samba_log_t:s0 tty=(none) uid=0
Comment 1 Jonathan Underwood 2007-06-14 15:41:19 EDT
This occured the first time I started samba on a freshly installed and updated
machine.
Comment 2 Daniel Walsh 2007-06-14 16:22:58 EDT

*** This bug has been marked as a duplicate of 244273 ***

Note You need to log in before you can comment on or make changes to this bug.