fedora-selinux / selinux-policy

selinux-policy for Fedora is a large patch off the mainline
GNU General Public License v2.0

Allow smbd_t to watch user_home_dir_t if samba_enable_home_dirs is on #2005

Closed JurajMarcin closed 7 months ago

JurajMarcin commented 7 months ago

When samba is allowed to access the home directory, it sometimes needs to add a watch on the whole home directory to respond to watch requests from clients (for example, from Windows).

Addresses the following denial:

type=AVC msg=audit(1705933921.682:202): avc: denied { watch } for pid=11956 comm="smbd-notifyd" path="/home/test" dev="vda4" ino=912095 scontext=system_u:system_r:smbd_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=0

Resolves: RHEL-14735
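For reviewers checking that a change like this is scoped to the denial, the following added example (not part of the pull request or the project's code) parses the AVC record quoted above and renders the single type-enforcement rule it corresponds to, optionally inside a conditional on the boolean named in the title. The function names are hypothetical, and the rendered rule is derived only from the denial; the pull request's actual diff is not shown on this page.

```python
import re

# AVC record copied from the pull request description above.
AVC = ('type=AVC msg=audit(1705933921.682:202): avc: denied { watch } for '
       'pid=11956 comm="smbd-notifyd" path="/home/test" dev="vda4" ino=912095 '
       'scontext=system_u:system_r:smbd_t:s0 '
       'tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=0')


def parse_avc(line):
    """Split one AVC record into its permission list and key=value fields."""
    m = re.search(r'avc:\s+(denied|granted)\s+\{([^}]*)\}\s+for\s+(.*)', line)
    if m is None:
        raise ValueError('not an AVC record')
    pairs = re.findall(r'(\w+)=("[^"]*"|\S+)', m.group(3))
    fields = {key: value.strip('"') for key, value in pairs}
    fields['result'] = m.group(1)
    fields['perms'] = m.group(2).split()
    # permissive=0 means the access was actually blocked, not just logged.
    fields['enforced'] = fields.get('permissive') == '0'
    return fields


def context_type(context):
    """Return the type field of a user:role:type[:level] security context."""
    parts = context.split(':')
    if len(parts) < 3:
        raise ValueError('malformed context: ' + context)
    return parts[2]


def allow_rule(avc, boolean=None):
    """Render the narrowest allow rule matching the denial.

    With `boolean` set, the rule is wrapped in a policy conditional so it
    is only active while that boolean is on.
    """
    perms = avc['perms']
    perm_text = perms[0] if len(perms) == 1 else '{ ' + ' '.join(perms) + ' }'
    rule = 'allow {} {}:{} {};'.format(context_type(avc['scontext']),
                                       context_type(avc['tcontext']),
                                       avc['tclass'], perm_text)
    if boolean is None:
        return rule
    return 'if ({}) {{\n    {}\n}}'.format(boolean, rule)


if __name__ == '__main__':
    print(allow_rule(parse_avc(AVC), 'samba_enable_home_dirs'))
```

Comparing the rendered rule with the proposed policy change shows whether the change grants more than the one permission, class and target type the denial reported.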

zpytela commented 7 months ago

LGTM