Yep, sure does. Thanks much. If selinux is disabled, why does it care?
On Wed, Apr 10, 2013 at 2:37 PM, Jakub Hrozek <jhro...@redhat.com> wrote: > On Wed, Apr 10, 2013 at 02:34:06PM -0400, Shawn wrote: > > [root@freeclient1 sssd]# sestatus > > SELinux status: disabled > > [root@freeclient1 sssd]# ls -ldZ /etc/selinux/ > > drwxr-xr-x root root ? /etc/selinux/ > > [root@freeclient1 sssd]# > > I take it there is no directory /etc/selinux/targeted/logins (or > /etc/selinux/targeted/ for that matter?) > > Does mkdir -p /etc/selinux/targeted/logins solve things for you? > > > > > > > > > On Wed, Apr 10, 2013 at 2:31 PM, Jakub Hrozek <jhro...@redhat.com> > wrote: > > > > > On Wed, Apr 10, 2013 at 02:27:36PM -0400, Shawn wrote: > > > > (Wed Apr 10 14:22:45 2013) [sssd[pam]] [write_selinux_login_file] > > > (0x0040): > > > > creating the temp file for SELinux data failed. > > > > /etc/selinux/targeted/logins/staajtlQ108(Wed Apr 10 14:22:45 2013) > > > > [sssd[pam]] [pam_reply] (0x0100): blen: 30 > > > > > > I think this is the smoking gun. > > > > > > What state is SELinux in? (run sestate) > > > Are there any AVC denials that would indicate the directory is > > > mislabeled? > > > > > > What is the output of: > > > # ls -ldZ /etc/selinux/targeted/ /etc/selinux/targeted/logins > > > > > > > > > > > -- > > *- Shawn Taaj* > -- *- Shawn Taaj*
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
