Eric Scholwin via FreeIPA-users wrote:
> I was wondering if anyone noticed while installing FreeIPA on any of their
> machines, whether or not their SELinux Booleans were affected? I installed
> this in a test environment and nothing broke. However, when installed in my
> production environment, an important SEBoolean was changed:
> "authlogin_nsswitch_use_ldap --> on"
> This particular boolean was changed to off, breaking logins for an
> application running on the server that required connecting to an ldap server.
> i've figured out what broke, now I'm just trying to figure out what caused it
> to change. Is this something FreeIPA would normally change? I only ask
> because I've installed this on about 30 systems and only this one was
> affected, but ldap also isn't used on many of the other servers. Any insight
> would be appreciated.
It is likely authconfig making the change.
I don't believe ipa-client-install explicitly disables ldap so I'm
guessing authconfig is doing it when it enables sssd and sssdauth.
FreeIPA-users mailing list -- email@example.com
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org