On 09/16/2013 04:49 PM, Parasit Hendersson wrote:
Hi,
I try migrate from RHEL5 (389-ds-base-1.2.10.14-1.el5) to RHEL6
(389-ds-base-1.2.11.15-11.el6.x86_64).
Everything looks good, installation from rpm, first start, etc. but
server instance won't start after restart. Problem (probably) is in
rights to directory /lib/dirsrv/
Fragment of log:
[16/Sep/2013:16:17:47 +0200] - 389-Directory/1.2.11.15 B2013.021.196
starting up
[16/Sep/2013:16:17:47 +0200] - slapd started. Listening on All
Interfaces port 389 for LDAP requests
[16/Sep/2013:16:17:48 +0200] - mkdir_p /lib/dirsrv/slapd-master2:
error -5966 (Access Denied.)
But rights looks good:
drwxr-xr-x. 2 nobody nobody 4096 Sep 16 14:56 dirsrv
When i create directory and some files manually (still with owner
"nobody") got message:
"WARNING---no write permission to file
/lib/dirsrv/slapd-master2/db/Project/DBVERSION"
But:
-rw-rw-rw-. 1 nobody nobody 0 Sep 16 16:40 DBVERSION
most likely, selinux apply dirsrv_var_lib_t context to your database
directory if you don't use the default paths, validate this by looking
into /var/log/audit/audit.log or sestatus shows "Current mode:
enforcing", if you use default paths do a restorecon -vR
/var/lib/dirsrv/ to fix permission problems there,
is you use custom paths, instead of doing chcon -t dirsrv_var_lib_t
/path/ ... you should consider adding the path with semanage to not get
relabel due to parent contexts
$ semanage fcontext -a -f "" -s system_u -t dirsrv_var_lib_t
/lib/dirsrv/slapd-master2
regards
mIke
Please help, where is problem?
Best Regards
Parasit Hendersson
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
