Re: SELinux preventing login (Fedora 16)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 04/13/2012 01:06 AM, Braden McDaniel wrote:
> On Thu, 2012-04-12 at 22:55 -0400, Daniel J Walsh wrote:
>> On 04/12/2012 08:47 PM, Braden McDaniel wrote:
> 
> [snip]
> 
>>> I am using Kerberos for authentication; but I'm using LDAP for user 
>>> information.
>>> 
>>> (Though I get the impression that login is currently falling back to
>>> local authentication; because I don't have a Kerberos ticket after I
>>> log in.)
>>> 
>> But you are not use sssd for this.
> 
> I am under the impression that I am using sssd.
> 
>> Anyways do you still believe you are having SELinux issues?
> 
> Since I haven't seen any more alerts, I don't think I am.  If you are 
> sufficiently curious, I can unset authlogin_nsswitch_use_ldap and see what
> happens.
> 


Basically in Fedora 16 we turned off the ability for apps that did getpw()
from being able to connect to the ldap port, by default.  Turning that boolean
on, allows all domains that call getpw to connect to the ldap port.  We turned
this off because sssd now connects to ldap if it is setup and apps calling
getpw talk to sssd rather then ldap.  We have seen some daemons (samba) that
talk directly that we have broken with this change, but I believe the fixes
are going into Fedora now.

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org


[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux