[Freeipa-users] SSSD/SSH authentication issues on some hosts
Natxo Asenjo
natxo.asenjo at gmail.com
Mon Jun 3 04:58:35 UTC 2013
On Mon, Jun 3, 2013 at 12:38 AM, Ryan Cunningham
<ryan.cunningham.xyzzy at gmail.com> wrote:
>
>> What I see is:
>>
>> fatal: Access denied for user admin by PAM account configuration
>>
>> What about disabling selinux?
>
>
> Whoops, I probably should have caught these myself.
>
> Disabling SELinux fixed one of the hosts. I didn't even look at it because I
> believed that I had disabled it previously.
>
> The other problem host didn't have SELinux enabled but was missing the
> /etc/selinux/targeted directory structure and was dropping an error:
>
> [sssd[pam]] [write_selinux_login_file] (0x0040): creating the temp file for
> SELinux data failed. /etc/selinux/targeted/logins/adminnik1F1(Sun Jun 2
> 18:01:44 2013) [sssd[pam]] [pam_reply] (0x0100): blen: 25
>
> Everything's working fine now -- thanks for looking at those logs.
glad it helped, but it should also work with selinux enabled.
Could you try running restorecon -rv on /etc and /home at least,
re-enabling selinux and logging in again? For me and many others, it
works and it really is the new 'best practices' to have it on ;-)
--
groet,
natxo
More information about the Freeipa-users
mailing list