From 687c8b002c1a2ab2bfd402d0e3da3e93bd42d7f1 Mon Sep 17 00:00:00 2001 From: Ben Kircher Date: Tue, 5 Apr 2022 15:34:12 +0200 Subject: [PATCH] samba: Set SELinux file context recursively Setting the samba share context only on the ~/share directory will not work when the user wants to list directories or create/read files in sub-directories. --- modules/ROOT/pages/samba.adoc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/ROOT/pages/samba.adoc b/modules/ROOT/pages/samba.adoc index cb7cf19..74a43af 100644 --- a/modules/ROOT/pages/samba.adoc +++ b/modules/ROOT/pages/samba.adoc @@ -36,7 +36,7 @@ Create a directory to be the share for jane, and set the correct SELinux context: .... mkdir /home/jane/share -sudo semanage fcontext --add --type "samba_share_t" ~/share +sudo semanage fcontext --add --type "samba_share_t" "/home/share(/.*)?" sudo restorecon -R ~/share .... @@ -90,7 +90,7 @@ Setting up the shared folder: sudo mkdir /home/share sudo chgrp myfamily /home/share sudo chmod 770 /home/share -sudo semanage fcontext --add --type "samba_share_t" /home/share +sudo semanage fcontext --add --type "samba_share_t" "/home/share(/.*)?" sudo restorecon -R /home/share .... @@ -215,7 +215,7 @@ cat /etc/passwd | grep maria maria:x:1002:1002::/home/maria:/bin/bash .... + -. Check if the shared directory has the correct SELinux context. +. Check if the shared directory and sub-directories have the correct SELinux context. + .... ls -dZ /home/share