| Summary: | Can't register systems with satellite using PAM auth + SELinux Enforcing | ||
|---|---|---|---|
| Product: | Red Hat Satellite 5 | Reporter: | Jan Pazdziora <jpazdziora> |
| Component: | Docs Release Notes | Assignee: | Lana Brindley <lbrindle> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | ecs-bugs |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 541 | CC: | cperry, jpazdziora, mhideo, mmello, pep, slukasik |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
Cause: Satellite 5.3 on RHEL 5.5 x86_64 with SELinux in Enforcing mode when allow_httpd_mod_auth_pam SELinux boolean is not set
Consequence: System registration by Satellite users with Kerberos PAM authentication will fail.
Workaround: set allow_httpd_mod_auth_pam SELinux boolean to TRUE
Result: Users can register systems using Kerberos authentication
Running RHN Satellite 5.3 on RHEL 5.5 64 bit systems, with SELinux in Enforcing mode, and without setting the allow_httpd_mod_auth_pam SELinux boolean can lead to system registration with Kerberos PAM authentication to fail. To work around this issue, set the allow_httpd_mod_auth_pam SELinux boolean to TRUE so that users can register systems using Kerberos authentication.
|
Story Points: | --- |
| Clone Of: | 639110 | Environment: | |
| Last Closed: | 2011-06-16 22:33:08 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Bug Depends On: | 639110 | ||
| Bug Blocks: | 677505 | ||
Technical note updated. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
Diffed Contents:
@@ -4,4 +4,7 @@
Workaround: set allow_httpd_mod_auth_pam SELinux boolean to TRUE
-Result: Users can register systems using Kerberos authentication+Result: Users can register systems using Kerberos authentication
+
+
+Running RHN Satellite 5.3 on RHEL 5.5 64 bit systems, with SELinux in Enforcing mode, and without setting the allow_httpd_mod_auth_pam SELinux boolean can lead to system registration with Kerberos PAM authentication to fail. To work around this issue, set the allow_httpd_mod_auth_pam SELinux boolean to TRUE so that users can register systems using Kerberos authentication.
5.4.1 Satellite books are now available on docs.redhat.com. Please raise a new bug for any issues. LKB |
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause: Satellite 5.3 on RHEL 5.5 x86_64 with SELinux in Enforcing mode when allow_httpd_mod_auth_pam SELinux boolean is not set Consequence: System registration by Satellite users with Kerberos PAM authentication will fail. Workaround: set allow_httpd_mod_auth_pam SELinux boolean to TRUE Result: Users can register systems using Kerberos authentication