On Fri, 2011-08-26 at 14:03 -0400, Simo Sorce wrote: > On Fri, 2011-08-26 at 12:45 -0400, Adam Young wrote: > > On 08/25/2011 05:24 PM, Adam Young wrote: > > > Uses the updated version of pkicreate which makes an ipa specific > > > proxy config file. > > > > > > > > > _______________________________________________ > > > Freeipa-devel mailing list > > > Freeipa-devel@redhat.com > > > https://www.redhat.com/mailman/listinfo/freeipa-devel > > The test for the proxy file in /etc/httpd/conf.d was "isfile' but > > since the file is actually a symlink, it needs to be "islink". This > > one checks for either. > > Nack, install fails after configuring the http service. > Restart bails out > > using export SYSTEMCL_SKIP_REDIRECT=1 to get systemd out of the way (it > was suppressing the error output) I get an permission denied error > trying to open /etc/httpd/conf.d/proxy-ipa.conf > That's a symlink into /etc/pki-ca/proxy-ipa.conf which is a file owned > by pkiuser:pkiuser with permission 660 (therefore not readable by the > apache user).
Ok it turns out permissions are not the real issue as the file is read while apache is till root, it's a selinux issue. Apache starts if I setenforce 0 Still a NAck of course, it needs to work with selinux in enforcing mode Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel