Red Hat Bugzilla – Bug 455033
kadmind is not able to write to /var/kerberos/krbkdc/principal.ok file
Last modified: 2012-10-16 04:27:20 EDT
Description of problem:
This is a problem with the file labeling as well as kerberos not creating it
with the correct label at creation.
File should be labeled krbkdc_lock_t and kadmin and krb5kdc should be able to
write/lock this file.
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release. Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products. This request is not yet committed for inclusion in an Update
Fixed in selinux-policy-2.4.6-142.el5
When is this going to be released as an errata package? This is biting us.
Also which type is correct? krbkdc_lock_t or krb5kdc_principal_t
You can down load preview copies from
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.