[Freeipa-users] Default SELinux user changes on addition of replica?
Steve Huston
huston at astro.princeton.edu
Tue Apr 25 14:41:35 UTC 2017
In the last of my testing before deployment, I had a replica server
setup but things got out of sync somehow. Yesterday I severed the
link with the two servers, reimaged the "bad" one, and did some poking
around on the "good" one while I was at it (clearing out all of the
real user data in anticipation of making another migration run into
it). I remember at one point I had found the default selinux user was
misconfigured, and I thought it was strange because that's on my
checklist for installing a server so I know I'd done it. Oh well,
changed it to the proper context again and moved on.
Just this morning I made the new (previously bad) server a replica
again, and after it finished I happened into the configuration page to
find the default selinux user is back to unconfined_u:s0-s0:c0.c1023.
Both servers report this the same, as I would expect, but I don't
expect or understand why it changed again.
I don't know that I'll have time to spin up more instances and go
through the testing to see what/when/how it changed, but I wanted to
point it out in case someone who does have that time can run with the
information.
--
Steve Huston - W2SRH - Unix Sysadmin, PICSciE/CSES & Astrophysical Sci
Princeton University | ICBM Address: 40.346344 -74.652242
345 Lewis Library |"On my ship, the Rocinante, wheeling through
Princeton, NJ 08544 | the galaxies; headed for the heart of Cygnus,
(267) 793-0852 | headlong into mystery." -Rush, 'Cygnus X-1'
More information about the Freeipa-users
mailing list