Hello all,
I will reproduce the issue tomorrow morning on a fresh LXC container.
For the sestatus:
# sestatus
SELinux status: disabled
That isnt surprising for the host is not se-enabled, or even a RHEL/CentOS.
The underlining distro supports apparmor profiles.
The crappy part
Hello all,
I am very lost at the moment, I cannot seem to get a yubikey 4 to work
with freeipa.
Server information:
CentOS Linux Release 7.3.1611
ipa-server-4.4.0-14.el7.centos.4.x86_64
I installed the IPA admin tools on my laptop and joined it to IPA, and
have successfully ran the
On (14/02/17 18:52), Lukas Slebodnik wrote:
>On (14/02/17 18:28), Alexander Bokovoy wrote:
>>On ti, 14 helmi 2017, Nuno Higgs wrote:
>>> Hello,
>>>
>>> It worked perfecty.
>>> I am wondering why this just popped up now with this patch update. Almost
>>> none of our containers hosts (and by
On (14/02/17 16:19), Nuno Higgs wrote:
>Hello,
>
>It worked perfecty.
>I am wondering why this just popped up now with this patch update. Almost
>none of our containers hosts (and by inherence the containers) have SELINUX
>enabled for they are primary for testing, and they are on a secure network.
On (14/02/17 18:28), Alexander Bokovoy wrote:
>On ti, 14 helmi 2017, Nuno Higgs wrote:
>> Hello,
>>
>> It worked perfecty.
>> I am wondering why this just popped up now with this patch update. Almost
>> none of our containers hosts (and by inherence the containers) have SELINUX
>> enabled for
Hello,
It worked perfecty.
I am wondering why this just popped up now with this patch update. Almost
none of our containers hosts (and by inherence the containers) have SELINUX
enabled for they are primary for testing, and they are on a secure network.
With this version of ipa-client, the host
On ti, 14 helmi 2017, Nuno Higgs wrote:
Hello Alexander,
Here are the logs. I have regenerated the error, because at the first time I
hadn't the debug enabled on the domain part of the sssd.conf.
After enabling the only thing reported on the sssd_domain.log on the time of
the failure is:
(Tue
Hello Alexander,
Here are the logs. I have regenerated the error, because at the first time I
hadn't the debug enabled on the domain part of the sssd.conf.
After enabling the only thing reported on the sssd_domain.log on the time of
the failure is:
(Tue Feb 14 15:24:52 2017) [sssd[be[net.xpto]]]
On ti, 14 helmi 2017, Nuno Higgs wrote:
Hello Lucas,
No, the account is neither locked nor expired. That's the weird part.
On other Centos7 / RHEL7 I can login without any issues.
[root@ipa2 ~]# ipa user-status nuno
---
Account disabled: False
---
Hello Lucas,
No, the account is neither locked nor expired. That's the weird part.
On other Centos7 / RHEL7 I can login without any issues.
[root@ipa2 ~]# ipa user-status nuno
---
Account disabled: False
---
Server: ipa1
Failed logins: 0
Last
Hi Carlos,
On 14/02/2017 15:11, Carlos Silva wrote:
> It should be this problem: https://fedorahosted.org/freeipa/ticket/6613
Indeed this was the issue, changing in /etc/hosts
::1 localhost6.localdomain6 localhost6
to
::1 localhost localhost.localdomain
On (14/02/17 13:00), Nuno Higgs wrote:
>Hello All,
>
>
>
>I have a LXC container running Centos7, fully patched that i can't login
>into in a standard IPA usage configuration:
>
>
>Feb 13 19:42:07 lxc1 sshd[1536]: pam_sss(sshd:account): Access denied for
>user nuno 4 (System error)
>
System error
Certs are valid, I will check what you mentioned.
I'm also no fan of bundles, more the seperate files but this doesn't
seem to work always. At least for the CAroot a bundle was required.
Matt
2017-02-14 14:51 GMT+01:00 Sullivan, Daniel [CRI] :
> Have you validated
Hello All,
I have a LXC container running Centos7, fully patched that i can't login
into in a standard IPA usage configuration:
Feb 13 19:42:07 lxc1 sshd[1536]: pam_sss(sshd:account): Access denied for
user nuno 4 (System error)
Feb 13 19:42:07 lxc1 sshd[1536]: Failed password for nuno
Hi Dan,
Ues i have tried that and I get the message that it misses the full
chain for the certificate.
My issue is more, why is the Server-Cert being removed on a certupdate ?
Cheers,
Matt
2017-02-14 2:18 GMT+01:00 Sullivan, Daniel [CRI] :
> Is the chain in
Hi,Was there any out-come to this?
I running: sudo1.8.12-1ubuntu3, which is well behind up to date releases.
Many thanks,James Harrison
From: James Harrison
To: "freeipa-users@redhat.com" ;
"pbrez...@redhat.com"
16 matches
Mail list logo