Bug 662523
Summary: | SELinux is preventing /usr/sbin/ntpd "read" access on /etc/samba/smb.conf. | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Rodolfo Ferrari <rferrari> | ||||||||
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> | ||||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||||
Severity: | medium | Docs Contact: | |||||||||
Priority: | low | ||||||||||
Version: | 14 | CC: | dwalsh, mgrepl, mlichvar, ssorce | ||||||||
Target Milestone: | --- | ||||||||||
Target Release: | --- | ||||||||||
Hardware: | i386 | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | setroubleshoot_trace_hash:5a95b647b9ff002ad12e9a13e1f796b1b840ca664409b5b6565ef64525cde0ac | ||||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2011-05-27 08:50:11 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Attachments: |
|
Description
Rodolfo Ferrari
2010-12-13 01:04:27 UTC
Did you setup ntp and samba to work together? Could you attach your ntp.conf? Created attachment 468460 [details] ntp.conf configuration file. (In reply to comment #1) > Did you setup ntp and samba to work together? > > Could you attach your ntp.conf? No, I just checked off "Synchronize date and time over the network" on the "Adjust Date and Time" tab. The error appeared right away, later on, I added a new NTP server (my LAN's Windows 2003 DC) since I configured Winbind and join the Linux workstation with AD. Attached is the ntp.conf file. Mirku, what do you think? It looks legitimate. I don't see where is this coming from, ntpd doesn't seem to have any code that would read smb.conf. Can you please attach output of ntpd started in strace for few minutes? strace -eopen /usr/sbin/ntpd -n -u ntp:ntp Winbind? not necessarily, today ntpd comes with code to allow it to sign packets, needed for samba4 AD servers. nss_winbindd and pam_winbindd iirc do not read smb.conf directly. Let me check the code, I'll get back to you if I find anything relevant. Created attachment 468759 [details]
ntpd read access on samba.conf alert message
Not sure if this is related to this bug, this error has happened a couple of times.
Created attachment 468760 [details]
ntpd strace output
As requested, attached is the output of the ntpd's strace. I gave it 5 mins .. it only opened files during the first minute after that there was no more output.
Let me know if we need the log for a longer period of time.
Is this fixed in the current release. |