The selinux problem resolved in #1185 was not solved completely, originally reported AVC reoccurred.
selinux-policy version:
selinux-policy-3.9.16-26.fc15.noarch
audit.log:
... type=AVC msg=audit(1307533596.416:1211): avc: denied { read } for pid=17544 comm="ns-slapd" name="lock" dev=dm-0 ino=1681 ...
audit2allow:
# cat /var/log/audit/audit.log | audit2allow #============= dirsrv_t ============== allow dirsrv_t var_t:lnk_file read;
https://bugzilla.redhat.com/show_bug.cgi?id=696819
The problem was that /var/lock was mislabeled.
# restorecon -R -v /var
fixed the problem.
Metadata Update from @mkosek: - Issue assigned to mkosek - Issue set to the milestone: FreeIPA 2.1 - 2011/06
Login to comment on this ticket.