On Fri, Oct 14, 2016 at 09:44:11AM +0200, Sumit Bose wrote:
> On Fri, Oct 14, 2016 at 12:41:23AM +0200, Jacquelin Charbonnel wrote:
> >     Thank you for this information. Yes, /tmp is writable.
> > 
> >     My problem is : access are sometimes definitively refused for random 
> > user
> > who wants to log in diskless workstations.
> >     But if this banned user tries to connect to the single machine which 
> > mounts
> > the fs in rw mode, it's work, and this solve immediately its problem on all
> > the other stateless machines !? Strange...
> Maybe it is the selinux_provider, iirc at least in older version it used
> to write some data somewhere below /etc/selinux/. You can easily test
> this by setting 'selinux_provider = none' in the domain section in
> ssd.conf.

Aah, that's probably it. We no longer write to the directory directly,
but we call libsemanage functions that do.

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to