
[SOLVED] selinux and nfs shares


bodhi.zazen
11th June 2011, 04:21 PM
I am confining users as user_u.

selinux is not allowing user_u to access mounted nfs shares.

user_u can access the shares if I disable selinux (setenforce 0), so the nfs server/client/mount is working properly.

But user_u cannot access the nfs share if I enable selinux (setenforce 1).

There are no AVC denials and a Google search has not been useful.

Is there a boolean to allow access to nfs shares for user_u, or any advice on how to debug this?

domg472
11th June 2011, 10:04 PM
You were able to get this fixed with help of #selinux on irc.freenode.org, were you not?

Try setsebool -P use_nfs_home_dirs on

That should allow users access to nfs_t type objects.

bodhi.zazen
11th June 2011, 11:53 PM

Yes, I got a fix. It was not that boolean; it was to set selinux permissions in the automount.

I added "rootcontext=system_u:object_r:nfs_t" to the mount options for the nfs share.

I am auto mounting with systemd, so I added that option to fstab.

fstab options are:

users,noauto,comment=systemd.automount,rootcontext=system_u:object_r:nfs_t
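
The following is an added example, not part of the original thread: a small audit that reads fstab text and reports, for each NFS entry, which SELinux context mount option is set, and flags entries where a stray space has split the options field. The sample fstab, host names, mount points and the function name `audit_nfs_entries` are constructed for illustration; option values are assumed to contain no commas.

```python
"""Audit fstab text for NFS entries and their SELinux context mount options."""

# SELinux context mount options documented in mount(8).
CONTEXT_OPTS = ("context", "fscontext", "defcontext", "rootcontext")

# Constructed sample input, not taken from a real system.
SAMPLE_FSTAB = """\
# device          mountpoint  type  options  dump  pass
server:/export/a  /mnt/a  nfs   users,noauto,comment=systemd.automount,rootcontext=system_u:object_r:nfs_t  0 0
server:/export/b  /mnt/b  nfs4  users,noauto,comment=systemd.automount  0 0
server:/export/c  /mnt/c  nfs   users,noauto,rootcontext =system_u:object_r:nfs_t  0 0
/dev/sda1         /       ext4  defaults  1 1
"""


def audit_nfs_entries(fstab_text):
    """Return (mountpoint, status, detail) for every nfs/nfs4 line."""
    findings = []
    for raw in fstab_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 4 or fields[2] not in ("nfs", "nfs4"):
            continue
        mountpoint = fields[1]
        # Fields after the options must be the numeric dump and pass values.
        # A space inside the options pushes option text into those slots.
        extra = fields[4:]
        if len(extra) > 2 or not all(f.isdigit() for f in extra):
            findings.append((mountpoint, "malformed",
                             "whitespace splits the options field"))
            continue
        labels = []
        for opt in fields[3].split(","):
            key, _, value = opt.partition("=")
            if key in CONTEXT_OPTS:
                labels.append(f"{key}={value}")
        if labels:
            findings.append((mountpoint, "context-set", ",".join(labels)))
        else:
            findings.append((mountpoint, "no-context-option",
                             "no SELinux context mount option set"))
    return findings


if __name__ == "__main__":
    for mountpoint, status, detail in audit_nfs_entries(SAMPLE_FSTAB):
        print(f"{mountpoint:8} {status:18} {detail}")
```
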