LDAP and SELINUX
by Borresen, John - 0444 - MITLL
Does anyone out there in OpenLDAP land have experience with working with
OpenLDAP and SELINUX?
Running OpenLDAP 2.4.43 on a CentOS 7 VM.
SELINUX is squashing client authentication connectivity - with SELINUX in
enforcing, and a user fails login (No Such User) - nothing at all in the
LDAP logs; the only error is in the system auth.log. It acts as if the
system authentication process does not pass off to LDAP when the user is not
found locally; with SELINUX in Permissive, the user authenticates with the
LDAP Server with no problems.
If there is anyone who has been down this road it would be very much
appreciated.
Sincerely,
John D. Borresen (Dave)
Linux/Unix Systems Administrator
MIT Lincoln Laboratory
Email: john.borresen(a)ll.mit.edu