by tene 3396 days ago
I personally feel like the included man pages on RH distros for selinux discussion on specific topics are quite good. You can see the full list of these by searching your man database with: `man -k _selinux`

In this specific case, you're looking for samba_selinux. It's not perfectly written, but it should at least cover all the relevant information: (https://linux.die.net/man/8/samba_selinux). You mentioned looking for the read/write share label, and that's specifically discussed, and described with examples.

You can also use sesearch to query your selinux policy for more information about anything mentioned in that man page. For example, to understand the implications of setting samba_enable_home_dirs you can run `sesearch -A -b samba_enable_home_dirs`. You can run similar queries for file types, process types, port types, etc. If you really want a list of every type relevant to samba, you can run: `sesearch -A -s smbd_t`. If you wanted to use sesearch to find everything smbd_t can write to, as an alternate method of discovering public_content_rw_t, you can filter that, like: `sesearch -A -s smbd_t -p write -d -c file -C`. This will also show you that the public_content_rw_t rule is conditional on the smbd_anon_write boolean.

I used to teach RHCE courses and exams; I'm curious about the amusing ways of dealing with selinux you encountered.
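
The last query in the comment above can be turned into a summary of which file types a domain may write to and which boolean gates each rule. This is an added example, not part of the original comment, and it goes beyond the single query by handling unconditional rules too. The function name `write_targets`, the two assumed sesearch output line shapes, and the sample rules are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original comment. Reads sesearch allow-rule text on
# stdin and prints "<target type> TAB <gating boolean>" for every file write rule.
# Assumed line shapes: "allow S T:file { perms }; [ bool ]:True" and the older
# "ET allow S T : file { perms } ; [ bool ]" with a leading state flag.
write_targets() {
    awk '
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        branch = "T"
        if (line ~ /^[ED][TF][ \t]/) {          # older output: flag, then rule
            branch = substr(line, 2, 1)         # assumed: T/F = true/false branch
            line = substr(line, 3)
            sub(/^[ \t]+/, "", line)
        }
        if (line !~ /^allow[ \t]/) next
        semi = index(line, ";")
        if (semi == 0) next
        rule = substr(line, 1, semi - 1)
        tail = substr(line, semi + 1)           # holds "[ bool ]" if conditional
        gate = "unconditional"
        o = index(tail, "["); c = index(tail, "]")
        if (o > 0 && c > o) {
            gate = substr(tail, o + 1, c - o - 1)
            gsub(/[ \t]/, "", gate)
            if (substr(tail, c + 1) ~ /^:False/) branch = "F"
            if (branch == "F") gate = "!(" gate ")"
        }
        gsub(/[ \t]*:[ \t]*/, ":", rule)        # "T : file" -> "T:file"
        gsub(/[{}]/, " ", rule)
        n = split(rule, f, /[ \t]+/)            # f[3] is "target:class"
        split(f[3], tc, ":")
        if (tc[2] != "file") next
        for (i = 4; i <= n; i++)
            if (f[i] == "write") { print tc[1] "\t" gate; break }
    }' | sort -u
}

# Constructed sample lines (not captured from a real policy).
SAMPLE='allow smbd_t samba_share_t:file { create getattr open read write };
allow smbd_t public_content_rw_t:file { getattr open read write }; [ smbd_anon_write ]:True
allow smbd_t public_content_t:file { getattr open read };
ET allow smbd_t user_home_t : file { read write open } ; [ samba_enable_home_dirs ]'

printf '%s\n' "$SAMPLE" | write_targets
```

On a host with setools installed, the comment's query can be piped straight in: `sesearch -A -s smbd_t -p write -d -c file -C | write_targets`.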