Where Samba Shares are setup on VxFS filesystems, and SELinux is enabled, the SELinux context cannot be set.
Article ID: 100025849
Updated On:
Description
Error Message
Error:
chcon -t samba_share_t (mountpoint of samba share)
For example:
chcon -t samba_share_t /the_samba_share
chcon: failed to change context of /the_samba_share to system_u:object_r:samba_share_t:s0: Operation not supported
Resolution
VxFS does not support setting SELinux context settings for the VxFS filesystem mountpoint or any files or directories therein.
To use SE Linux in conjunction with Samba shares running on VxFS, an SE Linux boolean value can be set.
Run the command below to resolve the issue:
# setsebool -P samba_export_all_rw on
Issue/Introduction
The issue occurs where the following are true:
a) SE Linux is enabled b) The configuration file: /etc/selinux/config is modified.
SELinux is configured with enforcing mode and targeted type is set, as below.
c) Samba shares are created on VxFS filesystems. An attempt to set SELinux context against the Samba share fails.
a) SE Linux is enabled b) The configuration file: /etc/selinux/config is modified.
SELinux is configured with enforcing mode and targeted type is set, as below.
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=enforcing
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0c) Samba shares are created on VxFS filesystems. An attempt to set SELinux context against the Samba share fails.
Was this article helpful?
Yes
No
Powered by
