Le Thursday, November 3, 2016 12:42:27 PM CET Bill shirley a écrit :
I'm getting an AVC in the boot process when systemd tries to mount a drive. It's too early in the boot process for it to be in /var/log/audit/audit.log. I don't speak AVC well enough to generate a rule without the log entry: Nov 03 10:31:05 c3po.example.com audit[1]: AVC avc: denied { read } for pid=1 comm="systemd" name="lan" dev="dm-0" ino=100732081 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:samba_share_t:s0 tclass=dir permissive=0
[0:root@c3po shorewall 2]$ ls -ldZ /lan drwxr-xr-x. 4 root root system_u:object_r:samba_share_t:s0 37 Jan 15 2011 /lan
Why has that directory the file context `system_u:object_r:samba_share_t:s0`?
I think you should change it to `system_u:object_r:mnt_t:s0` (similar to the default context of the / mnt directory).