FYI, This allowed SSSD to work on hosted engine at least for system auth
semanage fcontext -a -t net_conf_t '/etc/hosts' /sbin/restorecon -v /etc/hosts sealert -a /var/log/audit/audit.log shows a ton of daemons were unable to read /etc/hosts... Thanks, Douglas Duckworth, MSc, LFCS HPC System Administrator Scientific Computing Unit Weill Cornell Medicine 1300 York - LC-502 E: d...@med.cornell.edu O: 212-746-6305 F: 212-746-8690 On Wed, Aug 22, 2018 at 8:59 AM, Douglas Duckworth <dod2...@med.cornell.edu> wrote: > Yay, I was able to restore nsswitch so things now work. > > Anyway that oVirt can use SSSD for web auth? > > Per https://ovirt.org/develop/release-management/features/infra/aaa_faq/ > there's a bug https://bugzilla.redhat.com/show_bug.cgi?id=829292 that > prevents it from working? > > > > Thanks, > > Douglas Duckworth, MSc, LFCS > HPC System Administrator > Scientific Computing Unit > Weill Cornell Medicine > 1300 York - LC-502 > E: d...@med.cornell.edu > O: 212-746-6305 > F: 212-746-8690 > > > On Wed, Aug 22, 2018 at 8:51 AM, Douglas Duckworth < > dod2...@med.cornell.edu> wrote: > >> Hi >> >> I am trying to configure sssd on my hosted engine. Essentially we >> control host access in LDAP so I want sssd to read that thus allow my >> coworkers to login to hosted engine vm. >> >> For some reason sssd reports backend offline even though it's resolvable, >> pingable, with ports open. I see that it's a SELinux issue which I can >> resolve. After changing to permissive SSSD works. >> >> To have system read sssd database I set hosts line in /etc/nsswitch.conf >> to: >> >> hosts files sss >> >> Though it seems that I did something bad to /etc/nsswitch.conf as now >> yum, ping, etc does not work. >> >> Could someone suggest how to restore this file or could anyone share >> theirs? >> >> Thanks, >> >> Douglas Duckworth, MSc, LFCS >> HPC System Administrator >> Scientific Computing Unit >> Weill Cornell Medicine >> 1300 York - LC-502 >> E: d...@med.cornell.edu >> O: 212-746-6305 >> F: 212-746-8690 >> >> >
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/TLYECO4SMIUJ3VCVMPQQZCXUWO6MWC3G/