Re: [Freeipa-users] Could not update ICEauthority file /home/brad/.ICEauthority FreeIPA
On Sun, 2011-08-14 at 16:11 +1200, Thing wrote: > Hi, > > For the client I suspect you need to set the mkhomedir flag when doing > the install, I dont know how to set it afterward so I suggest a quick > fix is un-install the client and re-install with that flag. Far easier would be to run (as root): 'yum install oddjob-mkhomedir' 'authconfig --update --enablemkhomedir' Then you should be all set. signature.asc Description: This is a digitally signed message part ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Could not update ICEauthority file /home/brad/.ICEauthority FreeIPA
> Hi, > I am setting up a freeipa2 server (both fedora 15), and I was able to get the ipa-client-install to work perfectly (as far as I know) by yum excluding libcurl and curl. If I run kinit brad, I can authenticate and that works aswell. > > But when I want to login as me through gdm, I get "Could not update ICEauthority file /home/brad/.ICEauthority" granted the home folders do not exist as this would be my first ever login. You either don't have a home directory (/home/brad) or you've got a SeLinux problem. Last week I've made a little F15 freeipa setup with the default mkhomedir feature. The I had Selinux problems with ~/.Xautority for remote X sessions. After some Googling and reading I found out that there is another pam mkhomedit module (oddjob-mkhomedir). After installing this package, removing users, removing machine out of freeipa realm and reinstalling with $ ipa-client-install --mkhomedir everthing worked just fine. It seems that the default pam_makehomedit module is not able to set correct SELinux permissions. regards, Geerten ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Could not update ICEauthority file /home/brad/.ICEauthority FreeIPA
While I don't know much about the issue you mentioned, you can add the mkhomedir switch to the necessary pam files later also. If you don't know the exact files and switches, compare it with an identical machine where you have mkhomedir switch enabled at the time of IPA client installation. I think you can even copy the same pam files and put it inside your /etc/pam.d Regards,Nidal --- On Sat, 8/13/11, Thing wrote: From: Thing Subject: Re: [Freeipa-users] Could not update ICEauthority file /home/brad/.ICEauthority FreeIPA To: "Bradley Clemetson" Cc: freeipa-users@redhat.com Date: Saturday, August 13, 2011, 9:11 PM Hi, For the client I suspect you need to set the mkhomedir flag when doing the install, I dont know how to set it afterward so I suggest a quick fix is un-install the client and re-install with that flag. regards Steven On Sun, Aug 14, 2011 at 4:06 PM, Bradley Clemetson wrote: Hi, I am setting up a freeipa2 server (both fedora 15), and I was able to get the ipa-client-install to work perfectly (as far as I know) by yum excluding libcurl and curl. If I run kinit brad, I can authenticate and that works aswell. But when I want to login as me through gdm, I get "Could not update ICEauthority file /home/brad/.ICEauthority" granted the home folders do not exist as this would be my first ever login. Any and all help is GREATLY appreciated, as I am currently replacing a windows computer lab to fedora, and have got eveything else ready to go. Thanks You for a great product. ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users -Inline Attachment Follows- ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Could not update ICEauthority file /home/brad/.ICEauthority FreeIPA
Hi, For the client I suspect you need to set the mkhomedir flag when doing the install, I dont know how to set it afterward so I suggest a quick fix is un-install the client and re-install with that flag. regards Steven On Sun, Aug 14, 2011 at 4:06 PM, Bradley Clemetson wrote: > Hi, > I am setting up a freeipa2 server (both fedora 15), and I was able to get > the ipa-client-install to work perfectly (as far as I know) by yum excluding > libcurl and curl. If I run kinit brad, I can authenticate and that works > aswell. > > But when I want to login as me through gdm, I get "Could not update > ICEauthority file /home/brad/.ICEauthority" granted the home folders do not > exist as this would be my first ever login. > > Any and all help is GREATLY appreciated, as I am currently replacing a > windows computer lab to fedora, and have got eveything else ready to go. > > Thanks You for a great product. > > ___ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users > ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
[Freeipa-users] Could not update ICEauthority file /home/brad/.ICEauthority FreeIPA
Hi, I am setting up a freeipa2 server (both fedora 15), and I was able to get the ipa-client-install to work perfectly (as far as I know) by yum excluding libcurl and curl. If I run kinit brad, I can authenticate and that works aswell. But when I want to login as me through gdm, I get "Could not update ICEauthority file /home/brad/.ICEauthority" granted the home folders do not exist as this would be my first ever login. Any and all help is GREATLY appreciated, as I am currently replacing a windows computer lab to fedora, and have got eveything else ready to go. Thanks You for a great product. ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users