Bug 955774 - [RFE] tftp booleans for NFS/CIFS access
Summary: [RFE] tftp booleans for NFS/CIFS access
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: selinux-policy
Version: 6.4
Hardware: All
OS: Linux
Target Milestone: rc
: ---
Assignee: Miroslav Grepl
QA Contact: Michal Trunecka
Depends On:
TreeView+ depends on / blocked
Reported: 2013-04-23 19:05 UTC by jcpunk
Modified: 2014-09-30 23:34 UTC (History)
5 users (show)

Fixed In Version: selinux-policy-3.7.19-210.el6
Doc Type: Enhancement
Doc Text:
Clone Of:
: 1000026 (view as bug list)
Last Closed: 2013-11-21 10:23:35 UTC
Target Upstream Version:

Attachments (Terms of Use)
patch implementing the described behavior (1.50 KB, patch)
2013-04-23 19:05 UTC, jcpunk
no flags Details | Diff

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2013:1598 0 normal SHIPPED_LIVE selinux-policy bug fix and enhancement update 2013-11-20 21:39:24 UTC

Description jcpunk 2013-04-23 19:05:55 UTC
Created attachment 739112 [details]
patch implementing the described behavior

Description of problem: I would very much like to provide some nfs content over tftp.  There is no way to enable that functionality with the current policy.  I've attached a patch which provides booleans for toggling that ability.  While I was in there I created some for CIFS as well.

Version-Release number of selected component (if applicable):3.7.19-195.el6_4.3

How reproducible: 100%

Steps to Reproduce:
1. mount nfs share under tftp root
2. attempt to read the file
3. locate avc denied error
Actual results: permission denied

Expected results: the ability to easily configure selinux to read NFS files when I want it to.

Additional info:

Comment 2 Miroslav Grepl 2013-08-06 07:40:34 UTC
Thank you for your patch. Added.

Comment 5 errata-xmlrpc 2013-11-21 10:23:35 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.