It is a selinux question. So the selinux or the fedora selinux mailing is a better place to ask this questions.
Best 2013/5/23, Chris Hecker <chec...@d6.com>: > > I run with SELinux enabled, and krb5kdc and kadmin both want read access > to /etc/pki/tls on startup. I'm using ldaps as the protocol for talking > to slapd, is this why? This is on Centos 5, which I know is a bit old. > > My KDC and kadmin work fine without allowing this access, and there's > nothing in krb5kdc.log or kadmind.log, just the AVC's in audit.log. > > Should I enable these guys to read cert_t files, or should I ignore > them? If the latter, is there a configuration setting for making them > stop trying the directory? > > Thanks, > Chris > > ________________________________________________ > Kerberos mailing list Kerberos@mit.edu > https://mailman.mit.edu/mailman/listinfo/kerberos > -- Inviato dal mio dispositivo mobile ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos