Auth: rlm_krb5: [test1 at CSP-BACK] krb5_rd_req() failed: Permission denied in replay cache code

John Dennis jdennis at redhat.com
Wed Jun 15 17:34:54 CEST 2011


On 06/15/2011 10:56 AM, Phil Mayers wrote:
> On 15/06/11 15:49, g17jimmy wrote:
>> d'oh! it was SElinux. I had disabled it temporarily, but didn't set it as
>> disabled in /etc/selinux/config so it was blocking the authentication.
>
> Well, IMHO disabling it altogether is not a good idea. You might want to
> consider just disabling it for FreeRADIUS:
>
> setsebool -P radiusd_disable_trans=1
>
> Your choice of course.

Please file a bug for the selinux policy component in the Redhat 
bugzilla. Dan Walsh is very good about fixing policy problems promptly.

-- 
John Dennis <jdennis at redhat.com>

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



More information about the Freeradius-Users mailing list