This week's giveaway is in the Cloud/Virtualization forum. We're giving away four copies of Secure Financial Transactions with Ansible, Terraform, and OpenSCAP and have Lucian Maly on-line! See this thread for details.
I have a webserver (nginx) running on Centos7.
I need to mount shares of a samba server in a samba client, have have the content to be served by nginx.
It is installed on this server samba-client, samba-common and cifs-utils.
On my research, I found out that the SELinux context for nginx is "system_u:object_r:httpd_sys_content_t:s0".
I have set this recursively to the nginx root folder, added an index.html file and successfully served the file.
I then mounted the samba shares /mount/test on my nginx server and, when I checked the SELinux context of the shares is system_u:object_r:cifs_t:s0
Since the samba shares are read only, I can't use chcon -R -t httpd_sys_content_t /mount/test. I tried and got an error (action can't be performed).
You might want to check the sebool variable settings using the getsebool utility. There are whole raft of specialized setting related to what webservers will be permitted to do and network shares are a big part of them.
Some people, when well-known sources tell them that fire will burn them, don't put their hands in the fire.
Some people, being skeptical, will put their hands in the fire, get burned, and learn not to put their hands in the fire.
And some people, believing that they know better than well-known sources, will claim it's a lie, put their hands in the fire, and continue to scream it's a lie even as their hands burn down to charred stumps.
Bring me the box labeled "thinking cap" ... and then read this tiny ad:
SKIP - a book about connecting industrious people with elderly land owners