Anthony Messina wrote:
On Tuesday, August 06, 2013 02:44:57 PM Martin Kosek wrote:
I see there are some SELinux issues for accessing /tmp/hsperfdata_root, they
I was running into the same SELinux issue when installing two FreeIPA servers
in virtual machines yesterday:
SELinux is preventing /usr/lib/jvm/java-1.7.0-
openjdk-184.108.40.206-220.127.116.11.fc19.x86_64/jre/bin/java from read access on the
For me, the problem was two-fold:
1. When creating a new VM, I typically issue 'systemctl mask tmp.mount' and
reboot as a first rule, since I don't have the availability to have a huge
chunk of the VM's allocated RAM used up for /tmp.
2. Beccause of 1., the /tmp directory persists across reboots, and after
initial FreeIPA installation, the /tmp/hsperfdata_root diretctory and files
have the system_u:object_r:rpm_script_tmp_t:s0 SELinux label, when they should
I resolved this issue by stopping IPA, removing /tmp/hsperfdata_root, and
rebooting the machine, where I was able to observe the directory and files
created with the proper context.
Without knowing the proper context beforehand, there was no way to issue a
restorecon, since there is no default label for /tmp/hsperfdata_root.
There is a bug open against selinux-policy on this from F-18 using a
You may want to either add your own use-case here, or open a new bug and
reference this one.
Freeipa-users mailing list