Hello everyone,
I have been setting up freeipa(its version is 4.3.1) on Ubuntu. Selinux is
enable, and its mode is permissive. I met a problem at configuring the httpd
process, but the process won't be interrupted. The configuration information
is as follows:
Configuring the web interface (httpd). Estimated time: 1 minute
[1/20]: setting mod_nss port to 443
[2/20]: setting mod_nss cipher suite
[3/20]: setting mod_nss protocol list to TLSv1.0 - TLSv1.2
[4/20]: setting mod_nss password file
[5/20]: enabling mod_nss renegotiate
[6/20]: adding URL rewriting rules
[7/20]: configuring httpd
[8/20]: configure certmonger for renewals
[9/20]: setting up httpd keytab
[10/20]: setting up ssl
[11/20]: importing CA certificates from LDAP
[12/20]: publish CA cert
[13/20]: clean up any existing httpd ccache
[14/20]: configuring SELinux for httpd
ipa.ipaplatform.redhat.tasks: ERROR Cannot get SELinux boolean
'httpd_run_ipa': Command '/usr/sbin/getsebool httpd_run_ipa' returned non-zero
exit status 255
WARNING: Could not set SELinux booleans: httpd_can_network_connect=on
httpd_run_ipa=on httpd_manage_ipa=on
The web interface may not function correctly until
the booleans are successfully changed with the command:
/usr/sbin/setsebool -P httpd_can_network_connect=on httpd_run_ipa=on
httpd_manage_ipa=on
Try updating the policycoreutils and selinux-policy packages.
[15/20]: create KDC proxy user
[16/20]: create KDC proxy config
[17/20]: enable KDC proxy
[18/20]: restarting httpd
[19/20]: configuring httpd to start on boot
[20/20]: enabling oddjobd
Done configuring the web interface (httpd).
Is there anyone can help me?
Thanks!
------------------
祝:
工作顺利!生活愉快!
--------------------------
长沙研发中心 郑磊
电话:18684703229
邮箱:zheng...@kylinos.cn
公司:天津麒麟信息技术有限公司
地址:湖南长沙市开福区三一大道工美大厦十四楼
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project