That doesn't seem like SELinux is interfering, it seems like an issue contacting the ldap server. If it was an SELinux issue there would be avc denials in /var/log/messages and Permissive mode would not block anything. Sent from my iPhone On Feb 17, 2011, at 8:06 AM, "sub@xxxxxxx" <sub@xxxxxxx> wrote: > Le 17/02/2011 14:26, sub@xxxxxxx a Ãcrit : >> Hello, >> >> On a RHEL5 server with SELinux in "permissive" mode, I can't make sudo >> working with pam_ldap authentication. >> >> pam_ldap is correctly configured : I can perform an authentication on a >> ssh connection but once connected I can't sudo anything even though I'm >> in the "wheel" group and this group is allowed in /etc/sudoers. >> >> I suspect SELinux because of all the servers I manage, this is the only >> one with SELinux activated and the only one with "sudo" problems. >> >> I activated pam_ldap with "authconfig --update --enableldapauth", but I >> manually copied the "ldap.conf" file. >> >> Please note that I'm not familiar with SELinux > > I forgot : > > - I can't disable SELinux > > - I have this error message in /var/log/message when the > authentication fails : > > sudo: pam_ldap: ldap_simple_bind Can't contact LDAP server > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
