Hi! On Mon, Mar 7, 2016 at 11:20 PM, Rob Crittenden <[email protected]> wrote:
> It may be preferable to label the /var/lib/puppet/ssl/* directories as > certmonger_var_lib_t but I don't know what would do to puppet. You could > trade one problem for another. A BZ against selinux might be warranted > to see what they think. > Thanks for the detailed instructions! I found the issue https://bugzilla.redhat.com/show_bug.cgi?id=1062470 where certmonger was granted READ access to Puppet libs. I wonder why WRITE access was not added? Best regards, Thomas
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
