Redhat:NFS SELinux

From Define Wiki
Revision as of 12:40, 25 August 2013 by Michael (talk | contribs) (→‎NFS SELinux Types)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

NFS SELinux Types

There are only two file types associated with NFS:

var_lib_nfs_t Dynamic files in the /var/lib/nfs directory. These files are updated as shares are mounted.
nfsd_exec_t System Executable files such as rpm.mountd. There are two closley related types: rpcd_exec_t and gssd_exec_t for the equivalent files used for RPCs and Communications with kerberos

Generally there is no need to assign these types to NFS directories, so they are only shown for reference.


NFS SELinux Booleans

For NFS all global modules are enabled by default.

allow_gssd_read_tmp Supports reading of temp Directories by security services (gssd)
httpd_use_nfs Apache access to nfs
cd_record_read_content cdrecord access to nfs
allow_ftpd_use_nfs ftp access to nfs
git_system_use_nfs git access to nfs
nfs_export_all_ro read only access to nfs
nfs_export_all_rw read write access to nfs
use_nfs_home_dirs enables mounting of home directories
qemu_use_nfs quick emulator access to nfs
allow-nfsd_anon_write nfs servers modification of files on public file transfer services
virt_use_nfs VM access to nfs
xen_use_nfs xen VM access to nfs
Retrieved from "http://wiki.define-technology.com/mediawiki-1.35.0/index.php?title=Redhat:NFS_SELinux&oldid=3291"