Hi Stephan, thanks for the suggestion but with the value changed to true the problem persists [1]
There seem to be no SEL options that could fit to my problem - at least I have not identified one within the ssh or nfs rule sets [2] Cheers, Thomas [1] > setsebool use_nfs_home_dirs on > getsebool use_nfs_home_dirs use_nfs_home_dirs --> on [2] > getsebool -a | grep ssh allow_ssh_keysign --> off fenced_can_ssh --> off ssh_chroot_full_access --> off ssh_chroot_manage_apache_content --> off ssh_chroot_rw_homedirs --> off ssh_sysadm_login --> off > getsebool -a | grep nfs allow_ftpd_use_nfs --> off cobbler_use_nfs --> off git_cgi_use_nfs --> off git_system_use_nfs --> off httpd_use_nfs --> off qemu_use_nfs --> on rsync_use_nfs --> off samba_share_nfs --> off sanlock_use_nfs --> off sge_use_nfs --> off tftp_use_nfs --> off use_nfs_home_dirs --> on virt_use_nfs --> off xen_use_nfs --> off On 28.11.2014 11:57, Stephan Wiesand wrote: >> On 28 Nov 2014, at 11:33, Thomas Hartmann <[email protected]> wrote: >> >> Or is there another way to get SELinux and NFS mounted homes together? >> I.e., disabling all file attribuite checks for NFS files - which is >> probably a 'suboptimal' usage of an active SELinux close to permissive... > > Have you tried "setsebool use_nfs_home_dirs on" ? >
smime.p7s
Description: S/MIME Cryptographic Signature
