FC5 LDAP issues

Jason L Tibbitts III tibbs at math.uh.edu
Thu Mar 30 19:42:52 UTC 2006


I've noticed that the behavior of my FC5 system differs dramatically
depending on whether nscd is running.  User info is stored in LDAP,
and if nscd is running then applications talk to it.  But if it's not
running then the applications (or libc, at least) talk to the network
themselves.  This gets denied by selinux and things break.  Most
notably, the system won't even boot, because dbus just hangs forever
spewing AVC messages to the console.

So I wonder if the intention is to make nscd mandatory, or if failures
due to a lack of nscd are considered problematic.  I have nothing
against nscd, but I don't generally turn it on until after the system
boots and has time to pull down configuration information so that
encrypted ldap works.  Obviously I'll be reworking my installation
scripts to work around this.

 - J<




More information about the fedora-selinux-list mailing list