Description of problem: ..idea, when actual boolean is 0 and one has folders samba-shared from within home dir then failure is silent. Sure we all should read man pages but reports into the syslog would put many minds at ease. that would nicely appear in syslog just next to samba error, and everything is clear :) thanks Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Not sure what you are getting at. Please show me what you would have wanted the /var/log/messages entry to look like?
selinux silently denies samba access to public_content_rw_t(maybe samba_share_t too) labelled shares in a user's home dir if samba_enable_home_dirs is 0 man page explains it but if this denial when happens could as well go into logs, for those who have missed samba_selinux, troubleshooting it would be quicker, I think
I agree, Miroslav change userdom_dontaudit_search_user_home_dirs(smbd_t) to userdom_search_user_home_content(smbd_t) This will allow samba to search through the user homedir but not list them. I don't think this is much less secure.
Changed in selinux-policy-3.6.32-80.fc12
selinux-policy-3.6.32-82.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/selinux-policy-3.6.32-82.fc12
selinux-policy-3.6.32-84.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2010-1492
selinux-policy-3.6.32-84.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.