[Freeipa-users] enabling selinux on ipa server
Prasun Gera
prasun.gera at gmail.com
Sat Oct 24 23:32:13 UTC 2015
I've done that now in addition to the few fixes that I made manually
earlier. These were the messages:
SELinux is preventing /usr/sbin/ns-slapd from write access on the file
ldap_988
SELinux is preventing /usr/sbin/httpd from read access on the lnk_file
/etc/httpd/logs
And a few others. I also had to do sudo setsebool -P httpd_manage_ipa 1
On Sat, Oct 24, 2015 at 10:51 AM, Lukas Slebodnik <lslebodn at redhat.com>
wrote:
> On (23/10/15 20:57), Prasun Gera wrote:
> >selinux was disabled for some reason when the ipa server(replica) was
> >installed. I enabled it, and see that there are a lot of selinux related
> >permissions problems in syslog. Is this a known issue ? I tried fixing
> some
> >of them manually, but i would like a better approach.
> FreeIPA should work fine with SELinux in enforcing mode.
>
> I would recommend to restore SELinux context of files on that machine.
>
> restorecon -Rv /
>
> LS
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20151024/0dc41b45/attachment.htm>
More information about the Freeipa-users
mailing list