[Freeipa-users] ipa-getcert and SELinux
Thomas Raehalme
thomas.raehalme at aitiofinland.com
Mon Mar 7 21:03:44 UTC 2016
Hi!
I have setup certificates for Puppet as described here:
http://www.freeipa.org/page/Using_IPA's_CA_for_Puppet
Unfortunately SELinux is giving me hard time when invoking "ipa-getcert
request" to generate the private/public key for the Puppet agent
(permission denied when trying to write the key pair to
/var/lib/puppet/ssl).
Disabling SELinux temporarily solves the issue, but the same problem
reappears when renewing the certificate (ipa-getcert reports status
NEED_CERTSAVE_PERMS for the request).
What would be the proper way to enable the necessary permissions on SELinux?
Best regards,
Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160307/d2a33234/attachment.htm>
More information about the Freeipa-users
mailing list