SELinux contexts for krb5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



I have just migrated my Kerberos setup to a new machine (running inside
Xen) and it is complaining at startup about the file contexts not being
correct, even after running /sbin/fixfiles.  On the previous machine I'm
sure I had set SELinux to permissive and that's why it never complained.

Here are the contexts *after* running /sbin/fixfiles -R krb5-server
restore

# ls -AlZ /var/kerberos/krb5kdc/
-rw-------  root root
system_u:object_r:krb5kdc_conf_t .k5.BEAV.VIRTUALXISTENZ.COM
-rw-r--r--  root root system_u:object_r:krb5kdc_conf_t kadm5.acl
-rw-------  root root system_u:object_r:krb5kdc_conf_t kadm5.keytab
-rw-r--r--  root root system_u:object_r:krb5kdc_conf_t kdc.conf
-rw-------  root root system_u:object_r:krb5kdc_principal_t principal
-rw-------  root root system_u:object_r:krb5kdc_principal_t
principal.kadm5
-rw-------  root root system_u:object_r:krb5kdc_principal_t
principal.kadm5.lock
-rw-------  root root system_u:object_r:krb5kdc_principal_t principal.ok


I suspect the file permissions are slightly off and therefore it's not
correctly detecting the configuration files.  How can I find out what
the owner/group/mode of the file should be?  It seems like this would be
a simple thing, but at the moment it is escaping me...


--Tim
 ____________________________________________________________ 
< Look!  A ladder!  Maybe it leads to heaven, or a sandwich! >
 ------------------------------------------------------------ 
  \
   \   \
        \ /\
        ( )
      .( o ).

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux