Hi, Thanks for the reply.
The SELinux boolean variable authlogin_nsswitch_use_ldap is not available in the list of booleans. So, how do I manually add the boolean? This boolean is required to be set to enable ldap authentication. Thanks, Tizy On Fri, May 9, 2014 at 8:52 AM, Adam Young <[email protected]> wrote: > On 05/06/2014 09:01 PM, Roman Sokolkov wrote: > > Tizy, > > Selinux is disabled on all nodes under Fuel. > > > https://github.com/stackforge/fuel-library/blob/stable/4.0/deployment/puppet/cobbler/templates/kickstart/centos.ks.erb#L32 > > > You could check it by "getenforce" command. It should report "Disabled". > > So you could simply pass all steps related to Selinux. > > Thank you. > > Yeah, you don't need to deal with SELinux if SELinux is disabled. > > > > > > On Tue, May 6, 2014 at 12:51 AM, Tizy Ninan <[email protected]> wrote: > >> Hi >> >> We are trying to integrate the openstack setup with the Microsoft >> Active Directory(LDAP server). >> >> As per openstack documentation, >> http://docs.openstack.org/admin-guide-cloud/content/configuring-keystone-for-ldap-backend.html >> in >> order to integrate with an LDAP server, an SELinux Boolean variable >> ‘authlogin_nsswitch_use_ldap’ needs to be set. We tried setting the >> variable using the following command. >> $ setsebool –P authlogin_nsswitch_use_ldap 1 >> It returned a message stating SElinux is disabled. We changed the status >> of SElinux to permissive mode and tried setting the boolean variable, but >> it returned a message stating ‘record not found in the database’. >> >> We also tried retrieving all the boolean variables by using the following >> command >> $getsebool –a >> It listed out all the boolean variables, but there was no variable named >> ‘authlogin_nsswitch_use_ldap’ in the list. >> In order to add the variable we needed semanage. When executing the >> ‘semanage’ command it returned ‘command not found’. To install semanage we >> tried installing policycoreutils-python. It showed no package >> policycoreutils-python available. >> >> We are using Mirantis Fuel v4.0. We have an openstack Havana deployment >> on CentOS 6.4 and nova-network network service. >> Can you please help us on why the SELinux boolean variable >> (authlogin_nsswitch_use_ldap) is not available. Is it because the CentOS >> image provided by the Fuel master node does not provide the SELinux >> settings? Is there any alternative ways to set this boolean variable? >> >> Kindly help us to resolve this issue. >> >> _______________________________________________ >> OpenStack-dev mailing list >> [email protected] >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> >> > > > -- > Roman Sokolkov, > Deployment Engineer, > Mirantis, Inc. > Skype rsokolkov, > [email protected] > > > _______________________________________________ > OpenStack-dev mailing > [email protected]http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > > _______________________________________________ > OpenStack-dev mailing list > [email protected] > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > >
_______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
