On Fri, 2012-04-13 at 10:31 -0400, Daniel J Walsh wrote: > On 04/13/2012 01:06 AM, Braden McDaniel wrote: > > On Thu, 2012-04-12 at 22:55 -0400, Daniel J Walsh wrote: [snip] > >> Anyways do you still believe you are having SELinux issues? > > > > Since I haven't seen any more alerts, I don't think I am. If you are > > sufficiently curious, I can unset authlogin_nsswitch_use_ldap and see what > > happens. > > Basically in Fedora 16 we turned off the ability for apps that did getpw() > from being able to connect to the ldap port, by default. Turning that boolean > on, allows all domains that call getpw to connect to the ldap port. We turned > this off because sssd now connects to ldap if it is setup and apps calling > getpw talk to sssd rather then ldap. We have seen some daemons (samba) that > talk directly that we have broken with this change, but I believe the fixes > are going into Fedora now. Well, I turned off authconfig_nsswitch_use_ldap; and I'm still not seeing any alerts. Perhaps the alert I saw that recommended this was one leftover from before the last relabel I did. -- Braden McDaniel <braden@xxxxxxxxxxxxx> -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
