On Fri, 11 Apr 2014, [email protected] wrote:
futex(0x7f0e2e1462c0, FUTEX_WAKE_PRIVATE, 2147483647) = 0
open("/tmp/krb5cc_1599100000_CUkupo", O_RDONLY) = -1 EACCES (Permission
denied)
Are you sure you don't have SELinux really running and enabled?
Because the following output makes me really worry:
[root@replicahostname /tmp]# ll -Za
drwxrwxrwt. root root system_u:object_r:tmp_t:s0 .
dr-xr-xr-x. root root system_u:object_r:root_t:s0 ..
-rw------- rkelly rkelly ? .bash_history
drwxrwxrwt root root ? .ICE-unix
drwxrwxr-x rkelly rkelly ? .ipa
-r-------- root root ? krb5cc_0
-r-------- xs05144 xs05144 ? krb5cc_1599000020_u5RRhd
-r-------- rkelly rkelly ? krb5cc_1599100000_CUkupo
-r-------- rkelly rkelly ? krb5cc_1599100000_ZekyY0
These rkelly:rkelly krb5cc_* files have no SELinux label and should be
readable to the owner.
Can you show:
[root] # sestatus
[root] # audit2why -b -w -t avc
--
/ Alexander Bokovoy
_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users
