slapd requires the map permission on some files, including certs, files in /usr, and the slapd database. Also uses symlink in /tmp and crypto sysctls. These two patches add the needed permissions. Steve Lawrence (2): ldap: various permissions required by slapd miscfiles: reading certs allows map permission also policy/modules/services/ldap.te | 6 +++++- policy/modules/system/miscfiles.if | 2 ++ 2 files changed, 7 insertions(+), 1 deletion(-) -- 2.21.0
