Prasun Gera wrote:
> I've done that now in addition to the few fixes that I made manually
> earlier. These were the messages:
> SELinux is preventing /usr/sbin/ns-slapd from write access on the file
> SELinux is preventing /usr/sbin/httpd from read access on the lnk_file
> And a few others. I also had to do sudo setsebool -P httpd_manage_ipa 1
It would help to know what version you're using.
The installer will skip setting the booleans if SELinux disabled. The
installer won't disable SELinux itself.
A default install will enable these booleans:
AD trust will enable samba_portmapper
> On Sat, Oct 24, 2015 at 10:51 AM, Lukas Slebodnik <lsleb...@redhat.com
> <mailto:lsleb...@redhat.com>> wrote:
> On (23/10/15 20:57), Prasun Gera wrote:
> >selinux was disabled for some reason when the ipa server(replica) was
> >installed. I enabled it, and see that there are a lot of selinux
> >permissions problems in syslog. Is this a known issue ? I tried
> fixing some
> >of them manually, but i would like a better approach.
> FreeIPA should work fine with SELinux in enforcing mode.
> I would recommend to restore SELinux context of files on that machine.
> restorecon -Rv /
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project