Description of problem: I'm getting a message (see below)when trying to share a directory with samba that is already shared with nfs This message is completely misleading as NFS is already working, but samba is not. Summary: SELinux hindert den NFS-Daemon daran, dass entfernte Clients lokale Dateien lesen. Detailed Description: SELinux hinderte den NFS-Daemon (nfsd) am Lesen im lokalen System. Falls Sie keine Dateisysteme exportiert haben, könnte dies einen Einbruchsversuch signalisieren. Allowing Access: Falls Sie Dateisysteme via NFS exportieren möchten, müssen Sie den samba_export_all_ro Boolesch aktivieren: "setsebool -P samba_export_all_ro=1". Fix Command: setsebool -P samba_export_all_ro=1 Additional Information: Source Context unconfined_u:system_r:smbd_t:s0 Target Context system_u:object_r:var_t:s0 Target Objects / [ dir ] Source smbd Source Path /usr/sbin/smbd Port <Unknown> Host beverly.ncc1701d Source RPM Packages samba-3.2.4-0.22.fc10 Target RPM Packages filesystem-2.4.19-1.fc10 Policy RPM selinux-policy-3.5.13-18.fc10 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name samba_export_all_ro Host Name beverly.ncc1701d Platform Linux beverly.ncc1701d 2.6.27.5-117.fc10.x86_64 #1 SMP Tue Nov 18 11:58:53 EST 2008 x86_64 x86_64 Alert Count 837 First Seen Sat Nov 29 22:46:26 2008 Last Seen Sat Nov 29 23:26:28 2008 Local ID c32cd63b-bff7-4040-a38d-1726e0462f8a Line Numbers Raw Audit Messages node=beverly.ncc1701d type=AVC msg=audit(1227997588.413:1300): avc: denied { read } for pid=19806 comm="smbd" name="/" dev=md1 ino=2 scontext=unconfined_u:system_r:smbd_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir node=beverly.ncc1701d type=SYSCALL msg=audit(1227997588.413:1300): arch=c000003e syscall=2 success=no exit=-13 a0=7f22b41182d0 a1=90800 a2=7f22b41b0f40 a3=2f13a70 items=0 ppid=19741 pid=19806 auid=500 uid=0 gid=0 euid=99 suid=99 fsuid=99 egid=99 sgid=99 fsgid=99 tty=(none) ses=47 comm="smbd" exe="/usr/sbin/smbd" subj=unconfined_u:system_r:smbd_t:s0 key=(null) Version-Release number of selected component (if applicable): selinux-policy-targeted-3.5.13-18.fc10.noarch How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
This looks like a translation problem.
I tried an "unset LANG" but even after this the "sealert -l" output comes with German messages. Is there any way to see the messages in English to verify that this is really a translation issue?
LANG=C sealert ... Should do it.
Nope, even with LANG=C in front of the sealert command I get the summary text in German.
Ok read the source. /usr/share/setroubleshoot/plugins/samba_export_all_ro.py
Thanks. The english text in the source looks good to me. Now, where is the translated text and how to get it fix, i.e. should we assign this to another component or person?
Thanks for reporting this. The German translation was wrong. Fixed with commit https://fedorahosted.org/setroubleshoot/browser/plugins/po/de.po?rev=1247%3A6e3fd70feea4 If the error still occurs in the next release of SETroubleShoot, please reopen this bug report.