On Wed, Dec 17, 2025 at 10:36 AM lejeczek via FreeIPA-users < [email protected]> wrote: > > have a bit of an update, in my case IPA is in rootfull containers and... > I have: > /devs/ROOTFUL.containers(/.*)? all files system_u:object_r:container_file_t:s0 > and container I run with: > -> $ export _PATH=/devs/ROOTFUL.containers/${_NAME} > -> $ podman run -ti --tz=local --cap-add=CAP_SYS_TIME .... --volume=${_PATH}/root:/root --volume=${_PATH}/data:/data:z > If I do: > -> $ setenforce 0 > and: > -> $ ipactl restart > then "..File.cpp(94): Could not open the file (Permission denied):" are gone, which otherwise, logs are full of. > but before I attempt to troubleshoot I wanted to ask - perhaps we/somebody know already what is correct fcontext &| way to run IPA container so these errors do no occur? > I'm on centos 9 with 4.12.2 >
I'd suggest you take a look at the freeipa-container project: https://github.com/freeipa/freeipa-container Some workarounds are required for IPA to work in a container. Also running IPA in a container is not supported, so opening an issue may not help. Rafael > many thanks, L. > -- > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue -- Rafael Guterres Jeffman Senior Software Engineer FreeIPA - Red Hat
-- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
