Hello all,
I have a webserver (nginx) running on Centos7.
I need to mount shares of a samba server in a samba client, have have the content to be served by nginx.
It is installed on this server samba-client, samba-common and cifs-utils.
On my research, I found out that the SELinux context for nginx is "system_u:object_r:httpd_sys_content_t:s0".
I have set this recursively to the nginx root folder, added an index.html file and successfully served the file.
I then mounted the samba shares /mount/test on my nginx server and, when I checked the SELinux context of the shares is system_u:object_r:cifs_t:s0
Since the samba shares are read only, I can't use chcon -R -t httpd_sys_content_t /mount/test. I tried and got an error (action can't be performed).
As per this article, (
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security-enhanced_linux/sect-security-enhanced_linux-mounting_file_systems-multiple_nfs_mounts), I should be able to declare the SELinux context that I need the local machine to work with at the mount point.
So I used mount -t cifs //sambaserverexample/sambasharesexample /mount/test -o user=usertest context="system_u:object_r:httpd_sys_content_t:s0"
However it does not work. I get 'For more details see mount(8)'
I might be missing something here that is preventing me to achieve the above.
Any suggestions?
Thanks in advance.
Regards,
2
