Created attachment 332887 [details] full denial from sealert -l Description of problem: When: * directory and files are labeled with public_content_t type. * directory is mode 777. * shared through Samba ("public = yes", "writeable = yes"). Writing to the mounted directory cause a denial (expected). The "Allowing Access" section has: "If ftp should be allowed to write to this directory you need to turn on the allow_smbd_anon_write boolean..." Should be "If smbd..." Version-Release number of selected component (if applicable): setroubleshoot-plugins-2.0.12-1.fc11.noarch setroubleshoot-2.1.5-1.fc11.i386 setroubleshoot-server-2.1.5-1.fc11.i386 selinux-policy-3.6.6-5.fc11.noarch selinux-policy-targeted-3.6.6-5.fc11.noarch How reproducible: Always. Steps to Reproduce: 1. mkdir /shares 2. chmod -R 777 /shares 3. yum install samba samba-common samba-client 4. Add the following to the end of "/etc/samba/smb.conf": [testing] comment = testing something path = /shares public = yes writeable = yes 5. If you have not done so already, run "smbpasswd -a your_user_name" as root. 6. Mount the file system: "mount //localhost/testing /local_mount_point -o user=your_user_name" 7. Attempt to write to the mounted file system. Actual results: If ftp... Expected results: If smbd... Additional info: allow_smbd_anon_write --> off samba_create_home_dirs --> off samba_domain_controller --> off samba_enable_home_dirs --> off samba_export_all_ro --> off samba_export_all_rw --> off samba_run_unconfined --> on samba_share_fusefs --> off samba_share_nfs --> off use_samba_home_dirs --> off virt_use_samba --> off
Fixed in setroubleshoot-plugins-2.0.14-1.fc11