[root@freeipa ~]# ipa hbactest --user=myuser --host=my.fqdn. --service=sshd
Access granted: True
Matched rules: allow_all
[root@freeipa ~]#
└─ ssh myus...@ec2-54-xxx.xxx.compute-1.amazonaws.com -i
/home/user/.ssh/key
Connection closed by 54x.x.x.x
Shawn wrote:
[root@freeipa ~]# ipa hbactest --user=myuser --host=my.fqdn. --service=sshd
Access granted: True
Matched rules: allow_all
[root@freeipa ~]#
└─ ssh myus...@ec2-54-xxx.xxx.compute-1.amazonaws.com
On Wed, Apr 10, 2013 at 02:11:14PM -0400, Rob Crittenden wrote:
Shawn wrote:
[root@freeipa ~]# ipa hbactest --user=myuser --host=my.fqdn. --service=sshd
Access granted: True
Matched rules: allow_all
[root@freeipa ~]#
└─ ssh
(Wed Apr 10 14:22:45 2013) [sssd[pam]] [sss_parse_name_for_domains]
(0x0200): name 'staaj' matched without domain, user is staaj
(Wed Apr 10 14:22:45 2013) [sssd[pam]] [sss_parse_name_for_domains]
(0x0200): using default domain [(null)]
(Wed Apr 10 14:22:45 2013) [sssd[pam]] [pam_print_data]
On Wed, Apr 10, 2013 at 02:27:36PM -0400, Shawn wrote:
(Wed Apr 10 14:22:45 2013) [sssd[pam]] [write_selinux_login_file] (0x0040):
creating the temp file for SELinux data failed.
/etc/selinux/targeted/logins/staajtlQ108(Wed Apr 10 14:22:45 2013)
[sssd[pam]] [pam_reply] (0x0100): blen: 30
I
[root@freeclient1 sssd]# sestatus
SELinux status: disabled
[root@freeclient1 sssd]# ls -ldZ /etc/selinux/
drwxr-xr-x root root ?/etc/selinux/
[root@freeclient1 sssd]#
On Wed, Apr 10, 2013 at 2:31 PM, Jakub Hrozek jhro...@redhat.com wrote:
On
Yep, sure does. Thanks much.
If selinux is disabled, why does it care?
On Wed, Apr 10, 2013 at 2:37 PM, Jakub Hrozek jhro...@redhat.com wrote:
On Wed, Apr 10, 2013 at 02:34:06PM -0400, Shawn wrote:
[root@freeclient1 sssd]# sestatus
SELinux status: disabled
On Wed, Apr 10, 2013 at 02:49:46PM -0400, Shawn wrote:
Yep, sure does. Thanks much.
If selinux is disabled, why does it care?
It's an SSSD bug:
https://bugzilla.redhat.com/show_bug.cgi?id=914433
We didn't realize that SELinux disabled might mean that the directory is
not there at all.
Hi,
I have configured a ipa-server, replica and client.
In the GUI I can see that all hosts are in the hosts list.. I have
created a single user as well and attached that user to the client.
When trying to login as the user to the client, I see this in the
secure.log.
fatal: Access denied for
I am able to login to my replica and master with users no problem, just
having issues with clients..
On Thu, Apr 4, 2013 at 3:27 PM, Shawn taaj.sh...@gmail.com wrote:
Hi,
I have configured a ipa-server, replica and client.
In the GUI I can see that all hosts are in the hosts list.. I have
Shawn wrote:
Hi,
I have configured a ipa-server, replica and client.
In the GUI I can see that all hosts are in the hosts list.. I have
created a single user as well and attached that user to the client.
When trying to login as the user to the client, I see this in the
secure.log.
fatal:
On Thu, Apr 04, 2013 at 03:27:37PM -0400, Shawn wrote:
Hi,
I have configured a ipa-server, replica and client.
In the GUI I can see that all hosts are in the hosts list.. I have
created a single user as well and attached that user to the client.
When trying to login as the user to the
Run an hbactest:
ipa hbactest --user=youruser --host=fqdn.of.host --service=sshd
Make sure that works, if it does, then you can move on to troubleshooting
the host itself.
On Thu, Apr 4, 2013 at 2:27 PM, Shawn taaj.sh...@gmail.com wrote:
Hi,
I have configured a ipa-server, replica and
13 matches
Mail list logo