[Freeipa-users] Configuring httpd error when selinux is permissive
郑磊
zhenglei at kylinos.cn
Tue Nov 8 08:33:01 UTC 2016
Hello everyone,
I have been setting up freeipa(its version is 4.3.1) on Ubuntu. Selinux is enable, and its mode is permissive. I met a problem at configuring the httpd process, but the process won't be interrupted. The configuration information is as follows:
Configuring the web interface (httpd). Estimated time: 1 minute
[1/20]: setting mod_nss port to 443
[2/20]: setting mod_nss cipher suite
[3/20]: setting mod_nss protocol list to TLSv1.0 - TLSv1.2
[4/20]: setting mod_nss password file
[5/20]: enabling mod_nss renegotiate
[6/20]: adding URL rewriting rules
[7/20]: configuring httpd
[8/20]: configure certmonger for renewals
[9/20]: setting up httpd keytab
[10/20]: setting up ssl
[11/20]: importing CA certificates from LDAP
[12/20]: publish CA cert
[13/20]: clean up any existing httpd ccache
[14/20]: configuring SELinux for httpd
ipa.ipaplatform.redhat.tasks: ERROR Cannot get SELinux boolean 'httpd_run_ipa': Command '/usr/sbin/getsebool httpd_run_ipa' returned non-zero exit status 255
WARNING: Could not set SELinux booleans: httpd_can_network_connect=on httpd_run_ipa=on httpd_manage_ipa=on
The web interface may not function correctly until
the booleans are successfully changed with the command:
/usr/sbin/setsebool -P httpd_can_network_connect=on httpd_run_ipa=on httpd_manage_ipa=on
Try updating the policycoreutils and selinux-policy packages.
[15/20]: create KDC proxy user
[16/20]: create KDC proxy config
[17/20]: enable KDC proxy
[18/20]: restarting httpd
[19/20]: configuring httpd to start on boot
[20/20]: enabling oddjobd
Done configuring the web interface (httpd).
Is there anyone can help me?
Thanks!
------------------
祝:
工作顺利!生活愉快!
--------------------------
长沙研发中心 郑磊
电话:18684703229
邮箱:zhenglei at kylinos.cn
公司:天津麒麟信息技术有限公司
地址:湖南长沙市开福区三一大道工美大厦十四楼
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20161108/732e94fe/attachment.htm>
More information about the Freeipa-users
mailing list