Bug 746665

Summary: SSSD slave daemons cannot connect to socket because of selinux
Product: Red Hat Enterprise Linux 6 Reporter: Saggi Mizrahi <smizrahi>
Component: sssdAssignee: Stephen Gallagher <sgallagh>
Status: CLOSED DUPLICATE QA Contact: IDM QE LIST <seceng-idm-qe-list>
Severity: unspecified Docs Contact:
Priority: high    
Version: 6.2CC: bazulay, grajaiya, jgalipea, prc
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-10-17 13:17:43 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
/var/log/sssd none

Description Saggi Mizrahi 2011-10-17 13:14:05 UTC 
Created attachment 528535 [details]
/var/log/sssd

Description of problem:
sssd-client-1.5.1-58.el6.x86_64
sssd-1.5.1-58.el6.x86_64

if selinux is off everything is working. When it's on SSD fails to start slave daemons with the error:
(Sun Oct 16 03:27:59 2011) [sssd] [global_checks_handler] (0): waitpid returned -1 (errno:10[No child processes])
In the slave daemon logs there is:
(Mon Oct 17 13:57:28 2011) [sssd[nss]] [check_file] (1): lstat for [/var/lib/sss/pipes/private/sbus-dp_default] failed: [13][Permission denied].
(Mon Oct 17 13:57:28 2011) [sssd[nss]] [sbus_client_init] (1): check_file failed for [/var/lib/sss/pipes/private/sbus-dp_default].
(Mon Oct 17 13:57:28 2011) [sssd[nss]] [sss_dp_init] (0): Failed to connect to monitor services.
(Mon Oct 17 13:57:28 2011) [sssd[nss]] [sss_process_init] (0): fatal error setting up backend connector

[root@tiggy lib]# ls -lZ /var/lib/sss/pipes/private/*
srw-------. root root unconfined_u:object_r:sssd_var_lib_t:s0 /var/lib/sss/pipes/private/pam
lrwxrwxrwx. root root unconfined_u:object_r:sssd_var_lib_t:s0 /var/lib/sss/pipes/private/sbus-dp_default -> /var/lib/sss/pipes/private/sbus-dp_default.14472
srwxrwxrwx. root root unconfined_u:object_r:sssd_var_lib_t:s0 /var/lib/sss/pipes/private/sbus-dp_default.14411
srwxrwxrwx. root root unconfined_u:object_r:sssd_var_lib_t:s0 /var/lib/sss/pipes/private/sbus-dp_default.14412
srwxrwxrwx. root root unconfined_u:object_r:sssd_var_lib_t:s0 /var/lib/sss/pipes/private/sbus-dp_default.14414
srwxrwxrwx. root root unconfined_u:object_r:sssd_var_lib_t:s0 /var/lib/sss/pipes/private/sbus-dp_default.14415
srwxrwxrwx. root root unconfined_u:object_r:sssd_var_lib_t:s0 /var/lib/sss/pipes/private/sbus-dp_default.14416
srwxrwxrwx. root root unconfined_u:object_r:sssd_var_lib_t:s0 /var/lib/sss/pipes/private/sbus-dp_default.14494
srwxrwxrwx. root root unconfined_u:object_r:sssd_var_lib_t:s0 /var/lib/sss/pipes/private/sbus-dp_default.14495
srwxrwxrwx. root root unconfined_u:object_r:sssd_var_lib_t:s0 /var/lib/sss/pipes/private/sbus-dp_default.14496
srwxrwxrwx. root root unconfined_u:object_r:sssd_var_lib_t:s0 /var/lib/sss/pipes/private/sbus-dp_default.14497
srwxrwxrwx. root root unconfined_u:object_r:sssd_var_lib_t:s0 /var/lib/sss/pipes/private/sbus-dp_default.14500
srw-------. root root unconfined_u:object_r:sssd_var_lib_t:s0 /var/lib/sss/pipes/private/sbus-monitor

[root@tiggy lib]# stat -Z /usr/sbin/sssd 
  File: `/usr/sbin/sssd'
  Size: 253464    	Blocks: 496        IO Block: 4096   regular file
Device: fd00h/64768d	Inode: 1181185     Links: 1     Device type: 0,0
Access: (0755/-rwxr-xr-x)  Uid: (    0/    root)   Gid: (    0/    root)
   S_Context: system_u:object_r:sssd_exec_t:s0
Access: 2011-10-17 14:56:46.308969633 +0200
Modify: 2011-10-14 20:44:08.000000000 +0200
Change: 2011-10-17 14:56:37.616969180 +0200

I did restorecon of /var/lib and /usr/sbin and it didn't help.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Stephen Gallagher 2011-10-17 13:17:43 UTC 

*** This bug has been marked as a duplicate of bug 746265 ***