1nfs_selinux(8)         NFS SELinux Policy documentation         nfs_selinux(8)
2
3
4

NAME

6       nfs_selinux - Security Enhanced Linux Policy for NFS
7

DESCRIPTION

9       Security  Enhanced  Linux secures the NFS server via flexible mandatory
10       access control.
11

BOOLEANS

13       SELinux policy is customizable based  on  the  least  level  of  access
14       required. SELinux can be configured to not allow NFS to share files. If
15       you want to share NFS partitions, and only allow  read-only  access  to
16       those NFS partitions, turn the nfs_export_all_ro boolean on:
17
18
19       setsebool -P nfs_export_all_ro 1
20
21       If   you   want   to   share   files   read/write   you  must  set  the
22       nfs_export_all_rw boolean.
23
24       setsebool -P nfs_export_all_rw 1
25
26
27       These booleans are not required when files to  be  shared  are  labeled
28       with  the  public_content_t or public_content_rw_t types. NFS can share
29       files labeled with the public_content_t  or  public_content_rw_t  types
30       even if the nfs_export_all_ro and nfs_export_all_rw booleans are off.
31
32
33       If you want to use a remote NFS server for the home directories on this
34       machine, you must set the use_nfs_home_dirs boolean:
35
36       setsebool -P use_nfs_home_dirs 1
37
38       system-config-selinux is a GUI tool available to customize SELinux pol‐
39       icy settings.
40

AUTHOR

42       This manual page was written by Dan Walsh <dwalsh@redhat.com>.
43
44

SEE ALSO

46       selinux(8), chcon(1), setsebool(8)
47
48
49
50dwalsh@redhat.com                 9 Feb 2009                    nfs_selinux(8)
Impressum