[Freeipa-users] SELinux error during ipa-server-install
Marco Pizzoli
marco.pizzoli at gmail.com
Fri Feb 10 13:09:54 UTC 2012
Hi Dale,
On Fri, Feb 10, 2012 at 1:50 PM, Dale Macartney
<dale at themacartneyclan.com>wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Marco
>
> I had a very similar issue trying to do the same thing a while back on the
> day RHEL 6.2 went GA..
>
> My situation was
>
> SElinux enforcing, then run ipa-server-install.. it gets half way through
> the process and it fails
>
> then I tried
>
> SELinux permissive, to get the exact same issue
>
> I then completely disabled SElinux in /etc/sysconfig/selinux, rebooted and
> ran the setup again, and I was able to install successfully.
>
> In my situation, it was related to the selinux pki policy. When this was
> loaded, it caused the ipa setup to fail... an update was made available in
> rhel which allowed me to move forward with selinux in enforcing mode.
>
> Have you patched Fedora 16 with the latest updates? my situation was quite
> a while ago so I would have imagined that there would be an update to that
> issue with Fedora as well if this is actually the same issue I encountered.
> ..
>
I updated my system few days ago and I'm currently not seeing further
updates available.
These are my packages:
[root at freeipa01 ~]# rpm -qa|grep -i selinux
selinux-policy-3.10.0-75.fc16.noarch
libselinux-2.1.6-5.fc16.x86_64
libselinux-python-2.1.6-5.fc16.x86_64
pki-selinux-9.0.17-1.fc16.noarch
libselinux-utils-2.1.6-5.fc16.x86_64
selinux-policy-targeted-3.10.0-75.fc16.noarch
freeipa-server-selinux-2.1.4-4.fc16.x86_64
> Do you get the same issue with selinux disabled at all?
>
Actually I haven't tried, but I'm sure to not encounter this problem in
that case.
As I wrote, I'm running in permissive mode so I only get warning on what it
would have been blocked by SELinux, not the effective block to the
execution.
My setup (apparently) completed correctly. I still have to check-on-the-job
:-)
Thanks
Marco
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120210/0c0035ad/attachment.htm>
More information about the Freeipa-users
mailing list