Bug 806330

Summary: warning when installing ipaserver - at step - configuring SELinux for httpd
Product: Red Hat Enterprise Linux 6 Reporter: Namita Soman <nsoman>
Component: ipaAssignee: Rob Crittenden <rcritten>
Status: CLOSED ERRATA QA Contact: IDM QE LIST <seceng-idm-qe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.2CC: jgalipea, mkosek
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-2.2.0-8.el6 Doc Type: Bug Fix
Doc Text:
No documentation needed.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2012-06-20 13:25:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Namita Soman 2012-03-23 13:03:20 UTC 
Description of problem:
selinux warning message while installing ipa-server on RHEL 6.3.

====================================================
  [12/14]: configuring SELinux for httpd

WARNING: could not set selinux boolean(s)
httpd_can_network_connect,httpd_manage_ipa to true.  The web
interface may not function correctly until this boolean is successfully
change with the command:
   /usr/sbin/setsebool -P httpd_can_network_connect,httpd_manage_ipa true
Try updating the policycoreutils and selinux-policy packages.

  [13/14]: restarting httpd
  [14/14]: configuring httpd to start on boot


Version-Release number of selected component (if applicable):
ipa-server-2.2.0-4.el6.x86_64

How reproducible:


Steps to Reproduce:
1. install ipa-server


  
Actual results:
install output includes the warning

Expected results:
No such warning

Additional info:
ab had seen this warning yesterday, and has checked in a change. expecting fix in next build.
Comment 2 Rob Crittenden 2012-03-23 13:22:47 UTC 
fixed upstream

master: f6077c46b373cdd9dbc1c7618d067921df0cedb0
ipa-2-2: 5e08fa6efd9edfef875154300e427765b0a009a9
Comment 6 Martin Kosek 2012-04-25 09:41:30 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
No documentation needed.
Comment 7 Namita Soman 2012-05-01 13:19:07 UTC 
Verified using:
ipa-server-2.2.0-11.el6.x86_64


install log includes:
2-05-01T12:45:52Z DEBUG   [11/14]: clean up any existing httpd ccache
2012-05-01T12:45:52Z DEBUG   duration: 0 seconds
2012-05-01T12:45:52Z DEBUG   [12/14]: configuring SELinux for httpd
2012-05-01T12:45:52Z DEBUG args=/usr/sbin/selinuxenabled
2012-05-01T12:45:52Z DEBUG stdout=
2012-05-01T12:45:52Z DEBUG stderr=
2012-05-01T12:45:52Z DEBUG args=/usr/sbin/getsebool httpd_can_network_connect
2012-05-01T12:45:52Z DEBUG stdout=httpd_can_network_connect --> off

2012-05-01T12:45:52Z DEBUG stderr=
2012-05-01T12:45:52Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
2012-05-01T12:45:52Z DEBUG args=/usr/sbin/getsebool httpd_manage_ipa
2012-05-01T12:45:52Z DEBUG stdout=httpd_manage_ipa --> off

2012-05-01T12:45:52Z DEBUG stderr=
2012-05-01T12:45:52Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'
2012-05-01T12:46:19Z DEBUG args=/usr/sbin/setsebool -P httpd_can_network_connect=true httpd_manage_ipa=true
2012-05-01T12:46:19Z DEBUG stdout=
2012-05-01T12:46:19Z DEBUG stderr=
2012-05-01T12:46:19Z DEBUG   duration: 27 seconds
2012-05-01T12:46:19Z DEBUG   [13/14]: restarting httpd
2012-05-01T12:46:19Z DEBUG args=/sbin/service httpd status
Comment 9 errata-xmlrpc 2012-06-20 13:25:23 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0819.html