FYI, This allowed SSSD to work on hosted engine at least for system auth
semanage fcontext -a -t net_conf_t '/etc/hosts' /sbin/restorecon -v /etc/hosts sealert -a /var/log/audit/audit.log shows a ton of daemons were unable to read /etc/hosts... Thanks, Douglas Duckworth, MSc, LFCS HPC System Administrator Scientific Computing Unit Weill Cornell Medicine 1300 York - LC-502 E: [email protected] O: 212-746-6305 F: 212-746-8690 On Wed, Aug 22, 2018 at 8:59 AM, Douglas Duckworth <[email protected]> wrote: > Yay, I was able to restore nsswitch so things now work. > > Anyway that oVirt can use SSSD for web auth? > > Per https://ovirt.org/develop/release-management/features/infra/aaa_faq/ > there's a bug https://bugzilla.redhat.com/show_bug.cgi?id=829292 that > prevents it from working? > > > > Thanks, > > Douglas Duckworth, MSc, LFCS > HPC System Administrator > Scientific Computing Unit > Weill Cornell Medicine > 1300 York - LC-502 > E: [email protected] > O: 212-746-6305 > F: 212-746-8690 > > > On Wed, Aug 22, 2018 at 8:51 AM, Douglas Duckworth < > [email protected]> wrote: > >> Hi >> >> I am trying to configure sssd on my hosted engine. Essentially we >> control host access in LDAP so I want sssd to read that thus allow my >> coworkers to login to hosted engine vm. >> >> For some reason sssd reports backend offline even though it's resolvable, >> pingable, with ports open. I see that it's a SELinux issue which I can >> resolve. After changing to permissive SSSD works. >> >> To have system read sssd database I set hosts line in /etc/nsswitch.conf >> to: >> >> hosts files sss >> >> Though it seems that I did something bad to /etc/nsswitch.conf as now >> yum, ping, etc does not work. >> >> Could someone suggest how to restore this file or could anyone share >> theirs? >> >> Thanks, >> >> Douglas Duckworth, MSc, LFCS >> HPC System Administrator >> Scientific Computing Unit >> Weill Cornell Medicine >> 1300 York - LC-502 >> E: [email protected] >> O: 212-746-6305 >> F: 212-746-8690 >> >> >
_______________________________________________ Users mailing list -- [email protected] To unsubscribe send an email to [email protected] Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/[email protected]/message/TLYECO4SMIUJ3VCVMPQQZCXUWO6MWC3G/
