I run with SELinux enabled, and krb5kdc and kadmin both want read access to /etc/pki/tls on startup. I'm using ldaps as the protocol for talking to slapd, is this why? This is on Centos 5, which I know is a bit old.
My KDC and kadmin work fine without allowing this access, and there's nothing in krb5kdc.log or kadmind.log, just the AVC's in audit.log. Should I enable these guys to read cert_t files, or should I ignore them? If the latter, is there a configuration setting for making them stop trying the directory? Thanks, Chris ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos