Hello, I'm implementing SSSD on my RHEL 6.5 system with a read-only root filesystem. SSSD attempts to write a file to /etc/selinux/<policy>/logins that maps the linux user to an selinux user. However, this causes problems since /etc is read-only. I've played with mounting /etc/selinux/<policy>/logins in tmpfs and everything seems to work. My questions really comes down to: 1) Are there any security concerns with having the 'logins' directory in tmpfs? 2) Are there any functional considerations if the 'logins' directory gets erased every time the system reboots? Thanks, Andy Ruch
