On 09/26/2017 01:01 PM, Rob Crittenden wrote:

Start with

A System Error often points to HBAC denying the access.


Thanks for that, but I figured it out.  This is why, when you are working on troubleshooting something you either undo things or document it.

Turns out that the issue is that Kerberos (or sssd) dumps files to /tmp when authenticating.  When I mentioned this problem to an engineer here, who has worked here almost 2 decades, he told me he recalls a former coworker was working on a problem on that server and set /tmp to read only.  That was more than 2 years ago. Remounting /tmp to RW fixed the problem.

And this is why you document EVERYTHING, kids.  Geez.  Apologies for the lengthy spam post.

Mark Haney
Network Engineer at NeoNova
919-460-3330 option 1
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to