> Hi,
> I am setting up a freeipa2 server (both fedora 15), and I was able to
get the ipa-client-install to work perfectly (as far as I know) by yum
excluding libcurl and curl. If I run kinit brad, I can authenticate and
that works aswell.
> But when I want to login as me through gdm, I get "Could not update
ICEauthority file /home/brad/.ICEauthority" granted the home folders do
not exist as this would be my first ever login.

You either don't have a home directory (/home/brad) or you've got a
SeLinux problem. Last week I've made a little F15 freeipa setup with the
default mkhomedir feature. The I had Selinux problems with ~/.Xautority
for remote X sessions. After some Googling and reading I found out that
there is another pam mkhomedit module (oddjob-mkhomedir). After installing
this package, removing users, removing machine out of freeipa realm and
reinstalling with

$ ipa-client-install --mkhomedir

everthing worked just fine. It seems that the default pam_makehomedit
module is not able to set correct SELinux permissions.



Freeipa-users mailing list

Reply via email to