kerberos and selinux

Elia Pinto gitter.spiros at gmail.com
Thu May 23 14:59:58 EDT 2013


It is a selinux question. So the selinux or the fedora selinux mailing
is a better place
to ask this questions.

Best

2013/5/23, Chris Hecker <checker at d6.com>:
>
> I run with SELinux enabled, and krb5kdc and kadmin both want read access
> to /etc/pki/tls on startup.  I'm using ldaps as the protocol for talking
> to slapd, is this why?  This is on Centos 5, which I know is a bit old.
>
> My KDC and kadmin work fine without allowing this access, and there's
> nothing in krb5kdc.log or kadmind.log, just the AVC's in audit.log.
>
> Should I enable these guys to read cert_t files, or should I ignore
> them?  If the latter, is there a configuration setting for making them
> stop trying the directory?
>
> Thanks,
> Chris
>
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>

-- 
Inviato dal mio dispositivo mobile


More information about the Kerberos mailing list