We encounter selinux denial while creating the kdcproxy user (step in the specfile). This results into /var/lib/kdcproxy having incorrect permissions:
$ sudo ls -lad /var/lib/kdcproxy d---------. 2 root root 6 Jul 16 12:35 /var/lib/kdcproxy
This happens only for new installs (freeipa packages must not be installed previously, kdcproxy user does not exist).
I'm working on a fix right now.
[PATCH 012] fixes the issue:
$ ls -lah /var/lib/ | grep kdcproxy drwx------. 2 kdcproxy kdcproxy 4.0K Jul 16 10:36 kdcproxy
The fix is simple and should be applied to 4.2 and master.
master:
ipa-4-2:
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1244802
Metadata Update from @tbabej: - Issue assigned to cheimes - Issue set to the milestone: FreeIPA 4.2.1
Login to comment on this ticket.