Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=491767 --- Comment #16 from Jason Tibbitts <tibbs@xxxxxxxxxxx> 2009-04-20 15:51:11 EDT --- Well, I figured out that my problems getting this to work simply go away with 'setenforce 0'. Here are the complaints I see while running in permissive mode: type=1400 audit(1240256724.128:55): avc: denied { write } for pid=1712 comm="nscd" name="socket" dev=dm-4 ino=409614 scontext=system_u:system_r:nscd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=sock_file type=1400 audit(1240256724.134:56): avc: denied { connectto } for pid=1712 comm="nscd" path="/var/run/nslcd/socket" scontext=system_u:system_r:nscd_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=unix_stream_socket The daemon started fine, but it seems that nothing could talk to it. I guess some policy tweaks will be needed before this gets to the point of being useful. BTW, does Simo know you're packaging this for inclusion? I thought SSSD was supposed to do the same thing in a different way. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review