Description of problem: I installed fc6test1 and encountered a number of problems with the automounter; most of them were automount bugs, but one problem seemed external to the automounter. Ian Kent suggested disabling SELinux as a test and when I did that problem went away. I also noticed that ntp started working after I disabled SELinux (I hadn't gotten to looking at that yet). It seems the SELinux policies on fc6test1 are a bit too aggressive. The problem I was having was a lack of network traffic between the automount daemon and the LDAP server holding the automount maps. I ran wireshark to capture the network traffic (or lack thereof in this case) when launching the automounter and not a single packet went to the LDAP server. After disabling SELinux, it was able to communicate with my LDAP server. Version-Release number of selected component (if applicable): selinux-policy-2.3.1-1 selinux-policy-targeted-2.3.1-1 How reproducible: Every time Steps to Reproduce: 1. Set SELinux to enforcing in /etc/sysconfig/selinux 2. Reboot 3. The automount daemon fails 4. Set SELinux to permissive or disabled in /etc/sysconfig/selinux 5. Reboot 6. The automount daemon works Actual results: The automount daemon cannot talk to the LDAP server with SELinux enabled & enforcing. Expected results: The automount daemon should be able to talk to the LDAP server with SELinux enabled & enforcing. Additional info: I noticed that when I ran 'service autofs start', there was no network traffic between the automount daemon and the LDAP server, but, if I manually ran /usr/sbin/automount (as root), then there were some LDAP queries on the wire.
I think this is fixed by selinux-policy-2.3.2-1
Jeff, Can you confirm and close this report if this has been resolved?
I upgraded to selinux-policy-2.3.3-6 and libsepol-1.12.19-1.1 last night and now the automounter is working again with SELinux enabled. Thanks!