Hi! I have setup certificates for Puppet as described here: http://www.freeipa.org/page/Using_IPA's_CA_for_Puppet
Unfortunately SELinux is giving me hard time when invoking "ipa-getcert request" to generate the private/public key for the Puppet agent (permission denied when trying to write the key pair to /var/lib/puppet/ssl). Disabling SELinux temporarily solves the issue, but the same problem reappears when renewing the certificate (ipa-getcert reports status NEED_CERTSAVE_PERMS for the request). What would be the proper way to enable the necessary permissions on SELinux? Best regards, Thomas
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
