Redhat:NFS SELinux
Jump to navigation
Jump to search
NFS SELinux Types
There are only two file types associated with NFS:
| var_lib_nfs_t | Dynamic files in the /var/lib/nfs directory. These files are updated as shares are mounted. |
| nfsd_exec_t | System Executable files such as rpm.mountd. There are two closley related types: rpcd_exec_t and gssd_exec_t for the equivalent files used for RPCs and Communications with kerberos |
Generally there is no need to assign these types to NFS directories, so they are only shown for reference.
NFS SELinux Booleans
For NFS all global modules are enabled by default.
| allow_gssd_read_tmp | Supports reading of temp Directories by security services (gssd) |
| httpd_use_nfs | Apache access to nfs |
| cd_record_read_content | cdrecord access to nfs |
| allow_ftpd_use_nfs | ftp access to nfs |
| git_system_use_nfs | git access to nfs |
| nfs_export_all_ro | read only access to nfs |
| nfs_export_all_rw | read write access to nfs |
| use_nfs_home_dirs | enables mounting of home directories |
| qemu_use_nfs | quick emulator access to nfs |
| allow-nfsd_anon_write | nfs servers modification of files on public file transfer services |
| virt_use_nfs | VM access to nfs |
| xen_use_nfs | xen VM access to nfs |