Hello --

I recently migrated my home server to Fedora 21 (Fedora Server 1.0 to be specific) and encountered serious shortcomings with the mpd package available from rpmfusion.

The first and most important shortcoming I noticed was the inflexibility of the SELinux policy for mpd.

By default mpd can only read music located in `/var/lib/mpd/music` as that is the only directory given the proper `mpd_t` context. A boolean is available to allow mpd to read music located in user home directories, but nowhere can I find an option to allow mpd to read from arbitrary directories. My music library is stored outside of those two locations.

To overcome this problem was, I changed the default file/directory label for my music library to `mpd_t` using `semanage fcontext`. While this allows mpd to access the music, it conflicts with SELinux context requirements for Samba shares.

Samba requires directories/files it shares to have the `samba_share_t` context. I share my music library on my LAN via Samba, so having it labeled with the `mpd_t` context means I have to set the boolean allowing Samba global read/write access to the system. Ideally I'd like to keep Samba's read/write access confined to only the files in directories being shared.

Could an option be added to the SELinux policy for mpd that would allow it global read-only access to the system? This'd allow tight control over what files Samba can access yet still allow mpd to play music located in a directory of my choosing.