Hide Forgot
Description of problem: Description of the problem: using authconfig to enable sssd and sssdauth fails. Version-Release number of selected component (if applicable): [root@fedora-client shared]# rpm -q sssd sssd-1.7.93-0.20120224T0153Zgit093acc9.fc16.i686 How reproducible:Always Steps to Reproduce: 1.Configure sssd.conf 2.authconfig --enablemkhomedir --enablesssd --enablesssdauth --updateall Actual results: sealert -a /var/log/audit/audit.log 100% donefound 1 alerts in /var/log/audit/audit.log -------------------------------------------------------------------------------- SELinux is preventing /usr/sbin/sssd from using the sys_admin capability. ***** Plugin catchall (100. confidence) suggests *************************** If you believe that sssd should have the sys_admin capability by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep sssd /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Expected results: authconfig should enable sssd and start is successfully. Additional info:
selinux-policy-3.10.0-68.fc16 has this access.
Yes, please update your policy $ yum update selinux-policy-targeted