On Tue, 2012-03-20 at 13:14 +0100, Marco Pizzoli wrote: > Hi Martin, > > On Tue, Mar 20, 2012 at 1:02 PM, Martin Kosek <mko...@redhat.com> > wrote: > On Tue, 2012-03-20 at 12:44 +0100, Marco Pizzoli wrote: > > Hi guys, > > I don't know if you already know this, but in my logs I can > find this: > > > > > > Mar 20 12:14:47 freeipa01 setroubleshoot: SELinux is > > preventing /usr/bin/memcached from create access on the > sock_file > > ipa_memcached. For complete SELinux messages. run sealert -l > > 85b51f4e-3f2e-4e7d-819f-1efb04836de3 > > > > > > I'm running: > > > > > > [root@freeipa01 ipa]# rpm -qa|grep freeipa > > freeipa-server-selinux-2.1.90.rc1-0.fc16.x86_64 > > freeipa-client-2.1.90.rc1-0.fc16.x86_64 > > freeipa-server-2.1.90.rc1-0.fc16.x86_64 > > freeipa-admintools-2.1.90.rc1-0.fc16.x86_64 > > freeipa-python-2.1.90.rc1-0.fc16.x86_64 > > > > > > HTH > > Marco > > > Hello Marco, > > there is a SELinux policy where this issue is fixed: > > https://admin.fedoraproject.org/updates/FEDORA-2012-2733/selinux-policy-3.10.0-80.fc16 > > Its still in updates-testing though. This is an appropriate > BZ: > https://bugzilla.redhat.com/show_bug.cgi?id=783592 > > > Thanks for your answer. > Just to be aligned, actually it's not still available on the > updates-testing channel too. > I see on the cli that I cannot update to that release and by looking > at the link you posted I see it has still to be pushed -> current > state: pending. > > > Thanks again > Marco
You are right, its not there yet. You can just download and install fixed RPM from koji (there is a link on Fedora update file), but it is of course a SElinux policy version without proper community testing. I tried it and it worked for me, no AVC raised. Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel