Создание и удаление каталогов в шаре (SELinux не даёт samba работать с каталогами)

[Mifodix]

Здравствуйте!
Есть шара на samba (Fedora 17). Всё настроено и работает отлично, но SELinux не даёт удалять или создавать папки в шаре (файлы создаются и удаляются без проблем). Пересмотрел кучу параметров, но где включить разрешение на работу с директориями так и не нашёл. Вариант с отключением SELinux не рассматривается.

[taaroa]

# getsebool -a | grep samba

/etc/samba/smb.conf

# Security-Enhanced Linux (SELinux) Notes: # # Turn the samba_domain_controller Boolean on to allow Samba to use the useradd # and groupadd family of binaries. Run the following command as the root user to # turn this Boolean on: # setsebool -P samba_domain_controller on # # Turn the samba_enable_home_dirs Boolean on if you want to share home # directories via Samba. Run the following command as the root user to turn this # Boolean on: # setsebool -P samba_enable_home_dirs on # # If you create a new directory, such as a new top-level directory, label it # with samba_share_t so that SELinux allows Samba to read and write to it. Do # not label system directories, such as /etc/ and /home/, with samba_share_t, as # such directories should already have an SELinux label. # # Run the "ls -ldZ /path/to/directory" command to view the current SELinux # label for a given directory. # # Set SELinux labels only on files and directories you have created. Use the # chcon command to temporarily change a label: # chcon -t samba_share_t /path/to/directory # # Changes made via chcon are lost when the file system is relabeled or commands # such as restorecon are run. # # Use the samba_export_all_ro or samba_export_all_rw Boolean to share system # directories. To share such directories and only allow read-only permissions: # setsebool -P samba_export_all_ro on # To share such directories and allow read and write permissions: # setsebool -P samba_export_all_rw on # # To run scripts (preexec/root prexec/print command/...), copy them to the # /var/lib/samba/scripts/ directory so that SELinux will allow smbd to run them. # Note that if you move the scripts to /var/lib/samba/scripts/, they retain # their existing SELinux labels, which may be labels that SELinux does not allow # smbd to run. Copying the scripts will result in the correct SELinux labels. # Run the "restorecon -R -v /var/lib/samba/scripts" command as the root user to # apply the correct SELinux labels to these files.

…и далее по тексту.

[Mifodix]

Эти параметры я уже видел. samba_export_all_rw давно включён, но его действие не распространяется на создание директорий.