nfs_* booleans do not exist in Red Hat Enterprise Linux 6.3
Issue
- SELinux policy does allow NFS to share files by default. The operation of SElinux is different from the manual and nfs_* booleans are not exist in selinux-policy.
Red Hat Enterprise Linux 6 Managing Confined Services
------
6.1. NFS and SELinux
When running SELinux, the NFS daemons are confined by default.
SELinux policy does not allow NFS to share files by default.
If you want to share NFS partitions, this can be configured via
the nfs_export_all_ro and nfs_export_all_rw Booleans, as described
in this section. These Booleans are however not required when files
to be shared are labeled with the public_content_t or
public_content_rw_t types. NFS can share files labeled with these
types even if the nfs_export_all_ro and nfs_export_all_rw Booleans
are off.
nfs_export_all_ro
Export any file or directory via NFS, allowing read-only permissions.
nfs_export_all_rw
Export any file or directory via NFS, allowing read and write permissions.
------
Environment
- Red Hat Enterprise Linux 6
- selinux-policy
- nfs server
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
