SELinux Samba share

Status

# Getting status
getenforce

# Changing status (O disable, 1 enforcing)
setenforce 0

Booleans

# Checking booleans
getsebool -a
getsebool -a | grep samba
getsebool samba_enable_home_dirs

# Enable/disable booleans value
setsebool samba_enable_home_dirs on/off

Context

Getting current context:

ls -Zd /media/guillaume

Note

From now on, every command is followed by his resulting context:

> system_u:object_r:unlabeled_t:s0 /media/guillaume

Changing current context:

chcon -R -t samba_share_t /media/guillaume
> system_u:object_r:samba_share_t:s0 /media/guillaume

Reseting manual change:

restorecon -v /media/guillaume
> system_u:object_r:unlabeled_t:s0 /media/guillaume

Changing directory policy:

semanage fcontext -a -t samba_share_t "/media/guillaume(/.*)?"
semanage fcontext --list [| grep samba]
restorecon -v /media/guillaume